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EDITOR’S  NOTE 


Don  Tennant 


Fingers  Crossed 


HE  SHORTSIGHTEDNESS  is  astonishing.  Com¬ 
panies  are  panicking,  and  they’re  taking  drastic 
steps  to  cut  costs.  But  rather  than  bothering  to  seek 
out  hidden  costs,  many  are  looking  no  further  than 
a  number  on  a  spreadsheet,  and  they’re  cutting  their  people. 
What  should  be  an  absolute  last  resort  has  become,  in  far  too 
many  cases,  an  expedient  first  response. 


I  hear  from  a  lot  of  IT 
workers  who  are  frustrated 
that  their  companies  aren’t 
doing  more  to  force  ven¬ 
dors  to  shoulder  more  of 
the  burden.  It’s  clear  that 
more  information-sharing 
between  IT  executives  on 
ways  to  accomplish  that  is 
needed.  What’s  encourag¬ 
ing  is  that  there’s  plenty  of 
information  to  be  shared. 

Dale  Frantz,  CIO  at  Auto 
Warehousing  Co.,  is  in  the 
unenviable  position  of  sup¬ 
porting  a  business  that’s  de¬ 
pendent  on  the  fortunes  of 
the  automotive  industry,  so 
you  can  imagine  the  lengths 
he’s  had  to  go  to  in  order  to 
cut  costs.  Frantz  is  the  nic¬ 
est  guy  you’d  ever  want  to 
meet,  but  his  vendors  prob¬ 
ably  think  otherwise. 

Frantz  said  that  in  many 
cases,  when  vendors  refuse 
to  renegotiate,  he  just  can¬ 
cels  the  contract.  He  exer¬ 
cised  a  performance  clause, 
for  example,  to  cancel  the 
contract  for  his  MPLS  com¬ 
munications  link  between 
the  U.S.  and  Canada.  He’s 
also  reducing  technical 
support  coverage  for  some 
noncritical  systems  from 


24/7/365  to  weekdays  from 
8  a.m.  to  8  p.m.  —  a  rela¬ 
tively  minimal  increase  in 
risk,  considering  the  sav¬ 
ings  it’s  generating. 

Savvy  IT  executives  rec¬ 
ognize  that  their  vendors 
are  in  a  vulnerable  position, 
and  they  have  the  business 
sense  to  seize  the  moment. 
“Vendors  that  once  held 
themselves  in  the  highest 
regard  and  treated  midsize 
businesses  as  dirt  are  now 
targeting  this  sector,”  said 
Steve  Romeo,  vice  presi¬ 
dent  of  IT  at  orthopedic 
product  supplier  Breg  Inc. 
“We  have  the  attention  of 
vendors  in  a  way  we’ve 
never  seen  before.” 

Vendors  are  hurting 
as  much  as  customers,  so 
they’re  doing  their  utmost 
to  avoid  having  to  renegoti¬ 
ate,  said  Manjit  Singh,  CIO 
at  Chiquita  Brands  Inter¬ 
national.  “However,  when 


■  The  large  ven¬ 
dors  are  starting 
to  buckle.  Even 
Microsoft  is  get¬ 
ting  the  message. 


faced  with  an  ‘all  [lost]  or 
something  [retained]’  situ¬ 
ation,  many  are  willing  to 
become  more  flexible.” 

Mike  Twohig,  CIO  at 
Clean  Harbors  Environ¬ 
mental  Services,  said  the 
larger  vendors  have  been 
slower  to  react,  so  you  need 
to  be  a  little  more  aggressive 
to  get  their  attention.  “We 
have  one  very  large  vendor 
who  will  be  losing  over 
$500,000  in  sales  because 
they  would  not  negotiate 
on  a  product  for  which  we 
have  alternatives,”  Twohig 
said.  “Their  first  reaction 
was  disbelief,”  but  they’re 
beginning  to  understand 
that  they  have  to  reconsid¬ 
er  their  pricing  structure. 

“In  the  past,  these  large 
vendors  have  been  consid¬ 
ered  ‘partners,’  ”  Twohig 
said.  “But  those  that  are 
slow  to  respond  have 
been  informed  that  they 
are  slipping  back  to  just  a 
‘vendor’  that  we  consider  a 
cost  center.” 

There’s  no  question  that 
the  large  vendors  are  start¬ 
ing  to  buckle.  Even  Micro¬ 
soft  is  getting  the  message. 
Just  last  week,  Computer- 


world's  Eric  Lai  reported 
that  Microsoft  is  cutting 
the  cost  of  its  Software 
Assurance  agreements  by 
as  much  as  26%. 

That  brings  us  back 
to  Auto  Warehousing. 

You  may  recall  that  two 
years  ago,  Frantz  began  a 
sweeping  migration  from 
Microsoft  to  Apple  systems 
because  he’d  been  so  badly 
jerked  around  by  Micro¬ 
soft’s  software  licensing 
apparatchiks.  To  date,  that 
move  has  saved  roughly 
$1  million  in  license  fees. 

What  that  has  meant  is 
that  despite  the  collapse  of 
the  auto  industry,  the  num¬ 
ber  of  layoffs  of  IT  person¬ 
nel  at  Auto  Warehousing 
stands  at  zero.  That’s  right. 
Zero.  “Other  departments 
and  divisions  have  had 
layoffs,”  Frantz  said,  “but 
we’ve  cut  enough  out  of 
our  budget ...  to  keep  all 
of  our  people.” 

For  Frantz,  layoffs  would 
be  the  last  resort,  and  you 
can  be  sure  that  employees 
will  remember  that  when 
the  economy  turns  around. 
“There’s  been  some  move¬ 
ment  in  the  auto  industry . . . 
that  shows  a  glimmer  of 
hope,”  Frantz  said.  “Keep 
your  fingers  crossed.” 

I  told  him  I  would.  But 
I’ll  be  hoping  even  more 
that  IT  pros  everywhere 
will  follow  his  example.  ■ 
Don  Tennant  is  Computer- 
world’s  senior  editor- 
at-large.  You  can  contact 
him  at  don_tennant@ 
computerworld.com,  and 
visit  his  blog  at  http:// 
blogs.computerworld.com/ 
tennant. 
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Problems  Won’t  Be 
Solved  by  a  Select  Few 

I  was  introduced  to  Computerworld 
in  the  mid-’90s  when  I  dug  it  out  of 
the  trash  of  different  executives  at 
the  company  I  worked  at.  I  was  the 
only  one  who  regularly  read  it,  al¬ 
though  it  didn’t  get  sent  to  me. 

When  I  left  that  company,  I  was 
forced  to  glean  what  I  could  from 
Computerworld’s  Web  site.  I  make 
it  a  regular  practice  to  look  over 
the  opinions  and  to  read  certain 
authors,  including  Don  Tennant.  I 
find  his  columns  interesting  if  not 
insightful. 

While  I  totally  agree  with  the 
premise  of  his  March  2  column, 
“Unwinding  the  Mess,”  I  found  the 
end  very  offensive.  I  doubt  that  I 
will  ever  be  in  IT  management  — 

I  would  rather  work  with  the  ma¬ 
chines. 

Because  I  have  little  if  any  buy¬ 
ing  power,  I  will  never  be  one  of 
the  165,000  anointed  to  receive  the 
paper  edition  of  your  magazine.  But 
please  do  not  try  to  feed  us  the  load 
of  garbage  that  Computerworld  goes 
to  the  enlightened  few  who  rec¬ 
ognize  the  problems  that  must  be 


fixed  in  the  human  area  of  IT  and 
are  willing  and  able  to  do  so. 

■  Levi  Knox,  systems  analyst , 

Canon  City,  Colo. 

Diversity  of  Thought  Is  a 
Must  in  the  Workplace 

In  his  March  2  editorial,  “Unwind¬ 
ing  the  Mess,”  Don  Tennant  came 
close  to  hitting  the  nail  on  the  head 
regarding  the  necessity  of  articles 
like  those  on  Earl  Pace. 

If  the  country  is  to  pull  itself  out 
of  the  current  recession,  we  will 
need  tremendous  initiative,  creativ¬ 
ity,  hard  work  and,  most  important¬ 
ly,  innovation.  Innovation  springs 
from  diversity;  diversity  of  thought, 
culture,  technology  and  heritage  are 
absolutely  essential  if  the  U.S.  is  to 
continue  to  be  a  world  leader. 

Diversity  in  the  workplace  brings 
diversity  of  thought.  This  is  the  ra¬ 
tional  aspect  of  having  a  diverse  or¬ 
ganization,  one  that  should  appeal 
to  readers  like  the  one  who  wanted 
the  racial  discussion  stopped. 

■  Don  Arney,  professor  and  dean, 
School  of  Technology,  Ivy  Tech 
Community  College,  Terre  Haute,  Ind. 


Aboard 
The  Navy’s 
High-Tech 
Pioneer 

On  the  USS  Free¬ 
dom,  a  brand-new 
combat  ship,  just 
two  IT  staffers 
maintain  networks 
with  over  9,000  components  tied  together  by 
more  than  100  miles  of  cables.  Take  a  video 
tour  of  the  Navy’s  most  high-tech  vessel. 


Mac  Management 
For  Windows  IT  Folks 

Supporting  and  managing  Macs  in  a  predom¬ 
inantly  non-Mac  environment  is  a  challenge, 
particularly  if  you’re  new  to  the  platform. 
These  tools  and  techniques  can  help. 


Five  Universal 
Docking  Stations 

REVIEW:  These  universal  docks 
work  with  an  array  of  notebooks 
and  connect  to  your  network, 
monitor  and  other 
with  a  single  USB  cable. 


What’s  Behind  the 
University  Data  Breaches? 

Privacy  expert  Jay  Cline  examines  the 
multiple  factors  that  are  contributing  to 
the  security  problem. 


Living  With  Linux,  Round  2 

Installation  problems  bedeviled  Preston 
Gralla’s  first  foray  into  the  world  of  Linux. 
After  getting  lots  of  advice  about  what  to 
do,  he  reports  on  the  results. 
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GOVERNMENT 


Fed  CIO  Takes  Leave  After 
Arrest  of  Ex-Subordinate 


JUST  ONE  week  after  be¬ 
ing  named  the  federal 
government’s  first-ever 
CIO,  Vivek  Kundra 
took  a  leave  from  that 
job  last  Thursday,  following 
the  bribery-related  arrests 
of  a  former  subordinate  in 
the  District  of  Columbia’s  IT 
department  and  the  CEO  of 
an  outsourcing  contractor. 

The  FBI  arrested  the  two 
men  and  raided  the  district 
government’s  IT  offices, 
which  Kundra  oversaw  as 
chief  technology  officer  un¬ 
til  President  Obama  named 
him  federal  CIO  on  March  5. 

There  was  nothing  in  the 
court  documents  released  at 
the  arraignment  of  the  ar¬ 
rested  men  to  indicate  that 
Kundra  had  any  knowledge 
of  their  alleged  illegal  ac¬ 
tivities.  However,  the  White 
House  confirmed  that 


THE  WEEK  AHEAD 

MONDAY:  Cisco  is  scheduled  to  announce  a  set  of  data 
center  technologies  (see  story  below). 

WEDNESDAY:  Microsoft’s  Mix09  conference  for  Web  site 
designers  and  developers  opens  in  Las  Vegas. 

WEDNESDAY:  Oracle  plans  to  report  its  Q3  financial  results. 

THURSDAY:  The  U.S.  Senate’s  commerce  committee  is 
scheduled  to  hold  a  hearing  on  federal  cybersecurity  efforts. 


Kundra  is  taking  a  leave  of 
absence;  an  administration 
official  who  asked  not  to  be 
named  wouldn’t  discuss  the 
reasons  for  the  leave  or  say 
how  long  it  might  last. 

FBI  agents  said  they 
found  $70,000  in  cash  in  the 
Washington  home  of 
Kundra’s  onetime  sub 
ordinate  Yusuf  Acar 
after  arresting  him  on 
bribery  charges.  Acar,  i 
who  is  the  district’s 
acting  chief  security 
officer,  was  ordered 
to  be  held  without  bail  after 
prosecutors  said  they  were 
concerned  that  he  would  try 
to  flee  the  U.S. 

Also  arrested  was  Sushil 
Bansal,  CEO  of  Advanced  In¬ 
tegrated  Technologies  Corp., 
a  Washington-based  offshore 
outsourcing  vendor  that  has 
won  more  than  $13  million 


worth  of  contracts  from  the 
district’s  government  since 
2004,  according  to  court 
documents.  Some  were 
awarded  after  Kundra  be¬ 
came  CTO  in  2007. 

In  an  affidavit,  prosecu¬ 
tors  alleged  that  Acar  sub¬ 
mitted  purchase  orders  to 
AITC  for  larger  quantities 
of  products  than  were  actu¬ 
ally  delivered.  For  instance, 
the  affidavit  cited  AITC’s 
purchase  of  500  McAfee  Inc. 
security  software  licenses 
on  behalf  of  the  district’s 
government.  But,  it  said, 
the  outsourcer  charged  the 
IT  department  for  2,000  li¬ 
censes,  at  an  additional  cost 
of  $67,321. 

The  arrests  and  raid  took 
place  while  Kundra  was 
speaking  at  the  FOSE  2009 
conference  in  Washington. 

If  Kundra  was  aware  of 
what  was  going  on,  it  wasn’t 
evident  in  his  speech,  which 
focused  on  his  vision 
for  the  federal  gov¬ 
ernment’s  use  of  IT. 

For  instance,  Kun¬ 
dra  promised  to  undo 
the  government’s 
image  as  a  laggard  on 
technology  adoption. 
“We  can  be  thought  leaders 
when  it  comes  to  innova¬ 
tion,”  he  said. 

But  with  the  later  disclo¬ 
sure  that  Kundra  would  go 
on  leave,  the  question  now 
is  when,  and  maybe  wheth¬ 
er,  he  will  have  a  chance  to 
deliver  on  that  vision. 

—  Patrick  Thibodeau 
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HARDWARE 


Cisco  Set  to 


Blade  Server 

Cisco  Systems  Inc.  today  is 
set  to  unveil  its  first  blade 
server  as  part  of  the  com¬ 
pany’s  “unified  computing” 
initiative. 

Analysts  said  the  new 
Intel-based  blade  server, 
code-named  California,  is 
designed  to  manage  and 
automate  the  movement  of 
virtual  machines  and  appli¬ 
cations  across  data  center 
servers. 

The  blade  servers  are  a 
key  piece  of  the  unified  com¬ 
puting  initiative,  which  aims 
to  make  it  easier  for  compa¬ 
nies  to  virtualize  systems, 
said  Cisco  Chief  Technology 
Officer  Padmasree  Warrior 
in  a  blog  post. 

Today’s  announcement, 
to  be  hosted  by  CEO  John 
Chambers,  is  the  latest  part 
of  a  virtualization  strategy 
Cisco  unveiled  five  years  ago. 

Analysts  said  the  company 
will  also  announce  a  switch 
and  management  console 
jointly  developed  with  BMC 
Software  Inc.  and  EMC  Corp. 

-  MATT  HAMBLEN 


Cisco  will  be 
taking  on  longtime 
server  partners 
IBM  and  Hewlett- 
Packard  in  the 
blade  server 
business. 


CA  Security  Management  software  streamlines  your  IT  security 
environment  so  your  business  can  be  more  secure,  agile  and 
compliant  without  upsizing  your  infrastructure.  All  with  faster 
time  to  value.  Greater  efficiency  starts  with  more  efficient  IT. 

That’s  the  power  of  lean.  ■  //  . 

Learn  more  at  ca.com/security 


Visit  us  at  RSA  Conference,  April  20-24,  Booth  #1533 


Copyright  ><  2009  CA.  Ali  rights  reserv^ 
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Limited  Time  Offer:  Get  50% 
off  and  more  for  the  first 
6  months  when  you  sign 
up  for  a  1  year  plan! 

Visit  www.1and1.com 
for  details! 


a  successful  website 


Register  your  business  website  and  save! 
Protect  your  personal  information  -  private 
domain  registration  is  included  for  FREE! 

.biz  domains  $83^year 
now  $3. 99/first  year* 


The  1&1  Business  Package  gives  you  everything 
you  need  for  a  professional  website.  3  domains, 
site-building  tool,  2,500  e-mail  accounts, 
search  advertising  vouchers  and  more! 

Starting  at  $9J£9Month 
now  $4.99/mo  .*  (first  6  months)  ' 


DOMAIN  NAMES 


WEB  HOSTING 


IE53BHK  -  ( 'ajwbiiitu’s 

of  nn 

.  law  culling 


FREE  Domain 
Names! 


PREMIUM  SERVERS 


Designed  specifically  for  high  performance  needs,  these 
top-of-the-line  AMD™  processors  feature  energy 
efficient  technology,  reducing  costs  and  environmental 
impact  with  increased  performance-per-watt.  1&1 
matches  1 00%  of  the  energy  consumed  in  our 
data  center  with  Renewable  Energy  Certificates. 


Starting  at  $ 1 93*997mont  h 
now  $99.99/mo.’ 


(first  6  months) 


E-COMMERCE  SOLUTIONS 


A; 


Set  up  your  online  store  and  start  selling.  Integration 
with  eBay®,  Shopzilla™,  Google  Product  Search™ 
and  Shopping.com®  included! 

Starting  at  $2^^9ftnonth 
now  $1 1 .99/mo.*  (first  6  months) 

-V-.J  ■■'■I”:  <’!  ■  J"  ■  "  ' -V  '  l’J  ■  '  *  '■ 


Now  accepting 

PayPal 


‘Offers  valid  for  a  limited  time  only.  Setup  fee,  minimum  contract  term,  and  other  terms  and  conditions  may  apply.  Visit  www.1and1.com  for  full 
promotional  offer  details.  Program  and  pricing  specifications,  availability  and  prices  subject  to  change  without  notice. 1&1  and  the  1&1  logo  are 
trademarks  of  1&1  Internet  AG,  all  other  trademarks  are  the  property  of  their  respective  owners.  ©  2009  1&1  Internet,  Inc.  All  rights  reserved. 
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SECURITY 

Companies  Get  Checklist 
On  PCI  Security  Rules 


The  organization 
that  administers  the 
credit  card  industry’s 
data  security  rules  has 
released  a  new  set  of  com¬ 
pliance  guidelines  —  a 
move  that  reinforces  the 
widespread  perception  that 
efforts  to  comply  are  going 
slowly  at  many  companies. 

PCI  Security  Standards 
Council  LLC,  which  was 
set  up  by  Visa,  MasterCard, 
American  Express  and 
other  credit  card  compa¬ 
nies  in  2006,  this  month 
issued  a  15-page  document 
that  details  a  “prioritized 
approach”  for  complying 
with  the  rules. 

The  new  framework 
maps  the  12  security  con¬ 
trols  mandated  by  the 
Payment  Card  Industry 
Data  Security  Standard 
(PCI  DSS)  to  a  list  of  six 
milestones.  Bob  Russo,  the 
council’s  general  manager, 
said  the  goal  is  to  help 
companies  that  have  yet 
to  start  on  their  PCI  DSS 
compliance  efforts  and  are 
wondering  where  to  begin. 
The  first  version  of  the 


PCI  TO-DO  LIST 


1.  Debts  data  on  credit 
card  authentications. 

2.  Safeguard  networks  and 
their  perimeters. 

3.  Secure  payment-card 

applications  and  servers. 

=»•«•**♦*•  .*►«»***«**<•- 

4.  Monitor  networks  and 
control  access  to  systems. 

5.  Protect  "data  about  card 
accounts  and  holders. 

6.  Ensure  that  all  required 
controls  are  in  place. 

security  standard,  which 
applies  to  all  entities  that 
accept  credit  and  debit 
card  payments,  went  into 
effect  nearly  four  years  ago. 
But  many  businesses  still 
aren’t  fully  compliant,  said 
Jim  Huguelet,  a  PCI  consul¬ 
tant  in  Bolingbrook,  Ill. 

“I  think  there  are  a  lot  of 
merchants  who  feel  over¬ 
whelmed  at  the  amount  of 
remediation  [work]  they 
need  to  undertake,”  Hugue¬ 
let  said.  That,  he  added,  has 
led  to  a  state  of  “paralysis” 
in  which  companies  either 
are  doing  nothing  or  are 
only  implementing  the 


easier  PCI  requirements, 
which  by  themselves  do 
little  to  reduce  the  overall 
threat  of  data  breaches. 

The  milestone-based 
framework  finally  gives 
those  companies  a  tem¬ 
plate  for  moving  forward, 
Huguelet  said.  “The  jour¬ 
ney  of  a  thousand  miles 
begins  with  a  single  step,” 
he  noted.  “And  the  PCI 
[council]  has  now  officially 
announced  what  those  first 
steps  should  be.” 

Russo  said  the  milestones 
are  meant  to  provide  an  or¬ 
ganized  compliance  meth¬ 
odology  that  ensures  that 
the  highest-risk  issues  are 
addressed  first.  In  addition, 
a  spreadsheet-based  tool 
released  with  the  frame¬ 
work  can  be  used  to  plot 
progress  against  the  mile¬ 
stones  and  to  give  auditors 
a  snapshot  of  a  company’s 
compliance  status. 

The  first  milestone 
focuses  on  purging  sensi¬ 
tive  card-authentication 
data  from  systems  and 
limiting  the  amount  of  in¬ 
formation  that  companies 
collect  and  retain.  Others 
revolve  around  network 
and  application  security, 
user  access  control  and  the 
protection  of  stored  data. 

—  Jaikumar  Vijayan 


Short 

Takes 

Dell  Inc  said  it  has 
laid  off  an  undisclosed 
number  of  employees  at 
sites  around  the  world 
in  a  continuing  effort  to 
cut  costs  and  streamline 
operations.  The  company 
in  January  had  announced 
plans  to  cut  1,900  jobs  in 
Europe. 

last 

week  issued  three  se¬ 
curity  updates  to  patch 
eight  vulnerabilities  in 
Windows,  including  a 
critical  bug  that  could  let 
an  attacker  gain  control 
of  a  machine  simply  by 
tricking  users  into  viewing 
a  malicious  image. 

AOL  LLC  has  named 
Tim  Armstrong,  president 
of  ’s  Americas 

operations,  to  replace 
Randy  Falco  as  chairman 
and  CEO.  Falco  and  COO 
Ron  Grant  will  leave  AOL 
after  an  unspecified  tran¬ 
sition  period,  according  to 
the  Internet  unit  of 
Warner  Inc. 

said  that 
several  hard  drives  failed 
during  a  routine  upgrade, 
causing  the  temporary 
loss  of  10%  to  15%  of  the 
photographs  stored  on  its 
social  networking  site. 


IT  ECONOMY 

HP,  Microsoft  Offer  Deals 
To  Help  Stretch  IT  Dollars 


LOOKING  TO  MAKE  its  out¬ 
sourcing  and  IT  services  more 
affordable  in  a  down  economy, 
Hewlett-Packard  Co.  last  week 
said  it  is  adopting  variable  pric¬ 
ing  that  will  be  based  on  the 
service  levels  users  choose. 

For  instance,  customers 
of  HP's  EDS  unit  will  be  able 
to  specify  different  support 


service  levels  for  individual 
applications  based  on  their 
importance  -  with  HP's  pricing 
varying  accordingly. 

The  new  approach  could  low¬ 
er  application  support  costs  by 
up  to  40%  for  some  users,  said 
Jeff  Womack,  vice  president  of 
product  marketing  at  EDS. 

John  Madden,  an  analyst  at 


consulting  firm  Ovum,  said  HP 
is  clearly  being  driven  by  the 
recession.  “If  you  have  custom¬ 
ers  that  are  hurting  financially,” 
Madden  said,  “do  you  pound 
them  over  and  over  with  the 
same  terms?”  But,  he  added, 
HP  also  may  be  looking  at  the 
competitive  challenges  that 
vendors  like  EDS  face  from 
cloud  computing  services. 

Microsoft  Corp.  is  also  offer¬ 
ing  some  price  breaks,  through 
deals  that  let  users  save  up  to 
26%  on  software  licenses  and 


the  company’s  Software  Assur¬ 
ance  support  contracts. 

“One  reseller  I  talked  to  says  he 
has  never  seen  Microsoft  doing 
this  level  of  promotion  and  price- 
cutting  in  the  enterprise  space,” 
said  Paul  DeGroot,  an  analyst  at 
Directions  on  Microsoft. 

-PATRICK  THIBODEAU 
AND  ERIC  LAI 
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PRIVACY 

Bill  Would  Clarify  Rules  on 
Data  Breach  Disclosures 


A  CO-AUTHOR  OF 
the  landmark  six- 
year-old  California 
data-breach  notifi¬ 
cation  law  said  that  a  new 
bill  he  filed  late  last  year 
would  standardize 
the  process  of  notify¬ 
ing  consumers  and 
government  agencies 
of  data  breaches  that 
expose  personal  in¬ 
formation. 

Speaking  at  a 
symposium  on 
breach  notifica¬ 
tion  issues  held 
earlier  this  month 
at  the  University  of 
California,  Berkeley, 

State  Sen.  Joe  Simitian  said 
that  his  latest  bill,  known  as 
SB  20,  would  give  “greater 
clarity  and  specificity  as 
to  the  content  of  secu- 


agencies  may  underestimate 
breaches  because  they  lack 
information.  “We  actually 
have  very  poor  data  on  data 
breaches,”  Cate  said,  noting 
that  current  laws  mostly 

require  consumers, 
not  governments, 
to  be  notified  that 
personal  data  was 
accessed. 

The  initial  Cali¬ 
fornia  law,  which 
took  effect  in  2003, 
requires  that  con¬ 
sumers  be  notified 
when  unencrypted 
financial  data  is  lost 
or  stolen  from  com¬ 
puter  systems.  The 
law  is  credited  with  inspir¬ 
ing  similar  legislation  in  43 
other  states. 

—  Robert  McMillan, 
IDG  News  Service 


State  Sen.  Joe 
Simitian  hopes 
SB  20  will  clarify 
breach  notifica¬ 
tion  procedures. 


BETWEEN  THE  LINES  By  John  Klossner 
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The  Association  for  Com¬ 
puting  Machinery  said  that 
it  will  give  its  2008  A.M. 
Turing  Award  to  MIT  pro¬ 
fessor  Barbara  Liskov  for 
her  work  on  software  pro¬ 
gramming  methodologies. 

Satyam  Computer  Services 
Ltd.,  which  admitted  to 
fraudulent  accounting  in 


January,  began  a  bidding 
process  aimed  at  finding 
a  new  majority  owner. 

In  an 

effort  to  reduce  medication 
errors,  the  U.S.  Food  and 
Drug  Administration  man¬ 
dated  that  bar  codes  be 
put  on  the  packages  of  all 
drugs  used  in  hospitals. 


rity  breach  notices,  which  I 
think  is  long  past  due.” 

Simitian  said  he  hopes 
that  California  Gov.  Arnold 
Schwarzenegger  will  sign 
the  new  bill  into  law  by 
year’s  end. 

While  letters  sent  by  some 
companies  and  government 
agencies  do  a  good  job  of 
telling  affected  users  exactly 
what  happened  to  their  data, 
a  “substantial  number”  do 
not,  often  leaving  consum¬ 
ers  “more  confused  than 
informed,”  he  said. 

SB  20  also  requires  that 
the  state  attorney  general’s 
office  or  another  agency 
keep  track  of  breaches, 
which  Simitian  said  would 
give  public  officials  “a  better 
understanding  of  the  nature 
and  scope  of  the  problem.” 

Fred  Cate,  a  law  professor 
at  Indiana  University’s  Mau¬ 
rer  School  of  Law  in  Bloom¬ 
ington,  told  symposium 
attendees  that  government 


Global 

Disnat< 


spatsches 


U.K.  Police  Lose 
Crime-Data  Card 

EDINBURGH,  Scotland -A 

memory  stick  containing  un¬ 
encrypted  information  on  hun¬ 
dreds  of  Lothian  and  Borders 
Police  investigations  has  gone 
missing. 

The  USB  memory  stick  was 
last  used  by  the  traffic  unit  in 
the  police  department,  which 
is  responsible  for  the  city  of 
Edinburgh  and  the  rest  of 
southeastern  Scotland.  The 
police  disclosed  the  incident 
on  Feb.  26,  nearly  two  months 
after  the  stick  was  lost. 

A  department  spokesman 
said  the  data  wasn’t  encrypted 
because  the  memory  stick 
was  “being  transferred  within 
a  secure  compound  within 


police  headquarters.” 

“We  are  confident  that  this 
loss  does  not  in  any  way  com¬ 
promise  any  individual  involved 
in  any  ongoing  or  previous  po¬ 
lice  investigations,”  he  added. 
Leo  King, 

Computerworld  U.K, 

Perot  Opening  BP0 
Office  in  Chennai 

CHENNAI,  India -Perot 
Systems  Corp.  last  week  an¬ 
nounced  plans  to  open  a  new 
facility  here  that  will  specialize 
in  business  process  outsourc¬ 
ing  for  the  health  care  industry. 

A  Perot  India  spokesman 
said  the  company  plans  to 
increase  its  overall  IT  and  BP0 
workforce  in  India  by  about 
1,000,  to  a  total  of  7,700  em¬ 
ployees,  during  2009. 

He  said  the  new  Chennai 
BP0  facility  -  its  fourth  located 
in  the  city  -  will  open  next 
month  with  353  employees. 


The  company  said  it  expects 
the  facility  to  house  800  work¬ 
ers  by  year’s  end. 

John  Ribeiro, 

IDG  News  Service 

BRIEFLY  NOTED 

Iceland  Foods  Ltd.  in  Oeeside, 
Wales,  has  signed  an  £11.5  mil¬ 
lion  ($15.8  million  U.S.)  con¬ 
tract  to  renew  its  outsourcing 
deal  with  Netherlands-based 
Getronics  NV  for  seven  years. 
The  deal  calls  for  Getronics  to 
host  the  Iceland  Foods  serv¬ 
ers  and  oversee  IT  security, 
systems  management,  service 
desk  provisioning,  and  PC  and 
BlackBerry  support  functions. 
Leo  King, 

Computerworld  U.K. 
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Follow  the  Zappos.com 
CfO  on  Twitter' 


Zappos 

CEO 


Zappos 

CEO 


H 


Hey  there!  zappos  is  using  Twitter. 

Twitter  is  a  free  service  that  lets  you  keep  in  touch  with  people 
through  the  exchange  of  quick,  frequent  answers  to  one 
simple  question:  What  are  you  doing?  Join  today  to  start 
receiving  zappos's  updates. 


Alr« 


twitter.zappos.com 

powered  by  twitter,  SaBJffiMfilD,  S&ltMna  »"<•  V»u. 

Zappos  Public  Mentions  Employee  Tweets 

Beginner  s  Quick  Swrlidlliit^LIttKalaLia UVMLBsUK!: 


Time  to  90  to  the  dentist. 


-i'  jEapoos  Graham  07  45  AM  Pacific  -  Tue  03/10/09 


got  incredibly  tired  at  8pm  last  night,  tried  to  resist  the  urge  to  taKe  a 
nap.  resistance  was  futile — slept  for  11  hours. 

sstsyes  07:39  AM  Pacific  -  Tue  03/10/09 

(iSskwlQQ  How  was  it?  1  always  see  those  and  am  curious  as  to  if  they  are 
worth  it. 


from  VO  ’  n®®"  ismlJley.  07.31  AM  Pacific  -  Tue  03/10/09 


iSiooPeacefuliv  How  was  the  hot  date? 


Zappos 

CEO 


Zappos 

CEO 


Zappos 

CEO 


Zappos 

CEO 


Zappos 

CEO 


Zappos#!  zappos 

CEO 


While  boarding  plane, 
maintenance  man  comes  out  of 
cockpit  carrying  big  piece  of 
metal  hardware  w/  dangling 
wires.  Urn,  found  an  extra  part? 

about  1 4  hours  ago  from  tx! 


At  Celebrity  Apprentice  viewing  upstairs  at  Hot  Rod  Gride  in 
Henderson.  Stop  by  if  you’re  around,  it's  a  @Zappos  task 
episode!  NBC  9-11  PM 


Name  Zappos.cot 
Location  Las  Veg 

Web  hnp://www.. 

Bio  www. nappes.- 
blogs.zappos,  con 
twitter. zappos. co- 


fiffittlciStl  07:25  AM  Pacific  -  Tue  03/10/09 


Getting  sick  every  10-20  minutes,  but  I  don't  have  enough  points  to  call 
In  because  of  the  last  time  I  got  sick. 

hJiJLX  07:29  AM  Pacific  -  Tue  03/10/09 


i  Where  are  you. 


fayissif!  07:13  AM  Pacific  -  Tue  03/10/09 


177,772  | 
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Web  2.0  Tools  Can 
Foster  Growth 
In  Hard  Times 


online  user  attacks.  By  Sharon  Gaudin 


jAPPOS.COM  INC. 
credits  its  novel  Web 
2.0-based  sales  phi- 
I  losophy  for  much  of 
its  significant  sales  growth 
—  and  continuing  profit¬ 
ability  —  during  the  current 
hard  times. 

The  online  shoe  and 
clothing  store  doesn’t  spend 
massive  sums  creating  and 
implementing  online  or  of¬ 
fline  marketing  and  advertis¬ 
ing  campaigns,  yet  it  still 


generates  significant  buzz 
among  its  current  and  po¬ 
tential  customers. 

How?  Mostly  through  its 
heavy  use  of  Twitter  Inc.’s 
eponymous  social  network 
and,  to  a  lesser  extent,  its 
use  of  tools  from  Web  2.0 
providers  like  Facebook  Inc. 

Of  Zappos.com’s  1,400 
employees,  450  actively 
use  Twitter  to  promote  the 
company.  In  fact,  CEO  Tony 
Hsieh  is  the  20th  most  pop¬ 


ular  Twitterer,  with  more 
than  186,000  followers  on 
the  social  network,  accord¬ 
ing  to  Twitterholic.com. 

Instead  of  sending  online 
shoppers  coupons  or  infor¬ 
mation  about  sales,  execu¬ 
tives  and  employees  at 
Henderson,  Nev.-based 
Zappos.com  regularly  tweet 
about  what  happens  to  them 
at  the  airport,  the  fact  that 
they  eat  marshmallows  in 
between  phone  calls  and  the 


Zappos.com  provides  a  separate 
Twitter  page  for  CEO  Tony  Hsieh 
and  a  list  of  public  tweets  about 
the  company. 

state  of  the  economy. 

The  goal  is  to  respond  to 
customer  comments  and 
form  personal  connections 
with  their  Twitter  followers, 
as  well  as  with  friends  on 
Facebook,  where  employees 
post  blogs  and  videos. 

The  tweets  and  posts  are 
a  way  to  give  customers 
and  other  curious  social 
network  members  a  way  to 
get  a  glimpse  at  the  inside 
workings  of  the  company. 

“Today,  consumers  have 
access  to  so  much  informa¬ 
tion,”  said  Aaron  Magness, 
director  of  business  develop¬ 
ment  at  Zappos.com.  “You 
can  buy  the  same  shirts  at 
Zappos  as  at  somewhere 
else.  The  product  almost  be¬ 
comes  less  important;  it  be¬ 
comes  about  the  business.” 

The  privately  held  retailer 
claimed  more  than  $1  billion 
in  sales  last  year,  up  from 
$840  million  in  2007.  In  blog 
posts,  Hsieh  said  the  com¬ 
pany  did  cut  8%  of  its  work¬ 
force  late  last  year  because 
of  the  declining  economy, 
but  it  continues  to  be  profit¬ 
able  nonetheless. 

Zappos.com  isn’t  alone  in 
its  use  of  social  networks. 
Companies  large  and  small 
Continued  on  page  14 
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Free  triaiware  download  at  CDW.com/endpoint 

Symantec  ™  Endpoint  Protection  11.0 


SonicWALL  Network  Security 
Appliance  2400 


Cisco®  ASA  5505  Adaptive 
Security  Appliance 


Secures  your  network  against  attacks  such  as 
worms,  viruses,  spyware,  keyloggers,  Trojan 
horses,  rootkits  and  hackers 
Delivers  secure  remote  access  to  authenticated 
users  on  managed  and  unmanaged  endpoints 
Combines  feature-rich  VPN  connectivity  with 
comprehensive  threat  defense  to  deliver 
cost-effective  remote  network  access 
Prevents  unauthorized  access  to  applications 
or  information  assets  by  providing  fine-grain 
identity  -  or  network-based  access  control 


•  Utilizes  a  breakthrough  multi-core  hardware 
design  and  patented  reassembly-free  DPI  with 
6GbE  interfaces 

•  Delivers  real-time  network  protection  without 
compromising  performance 

•  Offers  high-quality  threat  prevention,  rapid 
deployment  and  lowered  TCO 

•  Combines  high-speed  intrusion  prevention,  file  and 
content  inspection  and  powerful  application  firewall 
capabilities  with  an  extensive  array  of  advanced 
network  and  configuration  flexibility  features 


Combines  Symantec  AntiVirus™  with  advanced  threat 
prevention  in  a  single  agent,  delivering  an  unmatched 
defense  against  malware  for  notebooks,  desktops 
and  servers 

Seamlessly  integrates  essential  security  technologies 
in  a  single  agent  that  is  administered  via  a  single 
management  console,  increasing  protection  and 
helping  lower  total  cost  of  ownership 


100-249  user  license  with  1-year  Essential  Support1 
$32.99  CDW 1314200 
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We're  there  with  the  security  solutions  you  need. 

Security  threats  won't  get  on  your  network  if  they  can't  get  to  the  network.  That's  why  gateway  security  is 
so  important.  CDW  has  a  wide  selection  of  top-name  firewall  protection,  antivirus,  antispyware,  intrusion 
prevention  and  more.  Our  personal  account  managers  along  with  our  highly  trained  technology  specialists 
have  the  expertise  you  need  to  ensure  your  network  i;  ‘ 
eliminate  threats  before  they  even  become  threats. 


;  fortified  and  secure.  So  call  CDW  today.  And 

CDW.com  800.399.4CDW 


'Essential  Support  includes  24x7  technical  phone  support  and  upgrade  insurance;  call  your  CDW  account  manager  for  details.  Offer  subject  to  CDW's  standard 
termsandconditionsofsale.availableatCDW.com.  ©2009  CDW  Corporation  i/i  ' 
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■  NEWS  ANALYSIS 


Continued  from  page  12 
are  increasingly  investigat¬ 
ing  how  to  best  use  Web  2.0 
tools  from  the  likes  of  Twit¬ 
ter,  Facebook,  Linkedln  and 
YouTube.  Analysts  note  that 
there’s  increasing  pressure 
from  customers  and  em¬ 
ployees  on  companies  to  use 
social  networks. 

POTENTIAL  RISKS 

Analysts  say  that,  as  in  the 
case  of  Zappos.com,  using 
Web  2.0  tools  to  boost  vis¬ 
ibility  can  be  a  good  thing, 
but  the  strategy  can  also 
pose  risks,  especially  in  a 
time  of  layoffs,  benefit  cut¬ 
backs  and  salary  reductions. 

For  example,  an  employ¬ 
ee,  whether  she’s  a  CEO  or 
a  researcher,  could  create 
an  online  maelstrom  with 
an  unintentional  slip  of  the 
keyboard.  And  readers  of  a 
company’s  online  posts,  bol¬ 
stered  by  anonymity,  could 
respond  to  them  in  a  par¬ 
ticularly  vicious  manner. 

“It’s  two-way  communica¬ 
tion,  and  you  have  to  be  able 
to  take  the  heat  that  may 
come  your  way,”  said  Dan 
Olds,  an  analyst  at  Gabriel 
Consulting  Group  Inc.  in 
Beaverton,  Ore.  “It  isn’t  for 
everyone.  Some  companies 
will  have  a  hard  time  deal¬ 
ing  with  it,  while  others  will 
thrive.” 

Olds  said  that  any  com¬ 
pany  using  Web  2.0  tools 
will  inevitably  face  strong, 
and  potentially  embarrass¬ 
ing,  criticism.  “No  company 
is  perfect,  and  some  cus¬ 
tomers  will  complain  about 
anything,”  he  said.  “That’s 
why  some  companies  are 
still  cautious  about  engaging 
with  social  networks.” 

Olds  also  noted  that  it’s 
important  for  businesses  to 
find  the  right  voice  or  tone 
for  their  social  networking 
personas.  For  example,  Dell 
Inc.  uses  sites  like  Twitter  to 
blast  out  information  about 


sales  and  coupons,  while 
Zappos.com  is  all  about  let¬ 
ting  customers  get  to  know 
its  employees,  he  said. 

“You  have  to  make  sure 
that  you’re  presenting  the 
right  image  for  your  compa¬ 
ny  and  doing  it  in  the  right 
way,”  he  said.  “A  whimsical 
and  funny  approach  will 
work  for  Apple  and  many 
other  companies,  but  not  so 
well  for,  say,  Dow  Chemical. 
It  takes  a  lot  of  thought  and 
careful  consideration.” 

Olds  also  suggested  that 
companies  establish  a  clear 
goal  for  their  social  net¬ 
working  strategies  —  and  he 
said  they  shouldn’t  expect 
users  to  automatically  em¬ 
brace  them.  “A  bank  that  fo¬ 
cuses  on  its  interest-bearing 


checking  accounts  will  be 
less  interesting  than  a  bank 
CEO  who  provides  straight 
talk  on  the  economy.  The 
critical  thing  is  to  under¬ 
stand  your  goals  and  present 
an  image  consistent  with 
your  company,”  he  said. 

“I  see  this  whole  social 
networking  phenomenon 
not  as  truly  a  purely  techni¬ 
cal  phenomenon,  but  as  a 
change  in  the  values  of  the 
organization,”  said  Soumitra 
Dutta,  the  Roland  Berger 
Chaired  Professor  of  Busi¬ 
ness  and  Technology  at 
INSEAD,  an  international 
business  school  in  Fontaine¬ 
bleau,  France. 

“CEOs  are  becoming 
more  open  to  new  ideas 
from  employees  and  cus¬ 


tomers  they  haven’t  nor¬ 
mally  interacted  with,” 

Dutta  said.  “Traditionally, 
companies  have  looked  at 
customer  relationship  man¬ 
agement  as  a  one-to-one  is¬ 
sue.  Today,  we’re  seeing  that 
customers  talk  to  each  other 
and  not  just  directly  to  the 
company.” 

Thus,  businesses  must 
move  in  to  try  to  actively 
manage  their  relationships 
with  these  communities  and 
respond  to  positive  and  neg¬ 
ative  feedback,  he  added. 

A  growing  number  of 
businesses  are  creating 
such  communities  to  bring 
together  groups  of  people 
who  all  love  the  same  thing, 
whether  it’s  a  certain  pair  of 
sneakers,  a  car  model  or  a 


mainframe  computer. 

For  example,  just  over 
a  year  ago,  IBM  created  a 
Facebook  page  for  people 
interested  in  news  and  in¬ 
formation  about  its  System  z 
mainframe  computer  offer¬ 
ings.  Launched  in  December 
2007,  the  page  now  counts 
more  than  700  friends.  And, 
IBM  notes,  that’s  a  lot  of 
friends  for  a  computer  that 
isn’t  the  newest  or  sexiest 
around  today. 

IBM  spokesman  Kevin 
Acocella  acknowledged  that 
the  company’s  use  of  what 
many  see  as  kids’  technol¬ 
ogy  to  gather  people  inter¬ 
ested  in  big-iron  machines 
used  by  the  Facebook  gener¬ 
ation’s  fathers  and  grandfa¬ 
thers  is  somewhat  ironic. 


IBM  is  looking  to  use 
the  technology  to  get 
young  people  interested  in 
mainframe  technology  by 
offering  links  to  articles, 
comment  strings,  YouTube 
videos  and  the  like.  The 
Facebook  page  has  become 
particularly  important  in 
this  economy,  since  many 
IT  professionals  and  stu¬ 
dents  can’t  afford  to  go  to 
conferences  or  seminars, 
Acocella  added. 

Despite  its  status  as  one  of 
the  earliest  computer  com¬ 
panies,  IBM  is  no  Johnny- 
come-lately  to  the  social 
networking  scene.  IBMers 
have  been  blogging  and  col¬ 
laborating  with  wikis  for 
several  years. 

The  company  has  even 
created  a  social  networking 
site,  dubbed  The  Greater 
IBM  Connection,  for  IBM 
employees  and  alumni.  The 
site,  which  was  created 
about  two  years  ago,  attract¬ 
ed  some  24,000  members 
in  the  first  14  months.  Mem¬ 
bership  has  since  tripled 
to  73,000  in  more  than  110 
countries,  Acocella  said. 

Also,  IBM  has  created  a 
social  media  team  to  help 
its  current  employees  learn 
how  to  use  social  networks, 
record  and  edit  podcasts, 
and  be  successful  bloggers. 

“Over  the  years,  we’ve 
learned  that  what  the 
decision-makers  cite  as  one 
of  the  most,  if  not  the  most, 
important  driver  of  their 
perception  of  IBM  is  their 
personal  interaction  with 
IBMers,”  noted  Acocella. 

And  while  IBM  requires 
its  employees  to  follow  Web 
2.0  guidelines  it  has  estab¬ 
lished  —  such  as  banning 
the  use  of  obscenities  or 
slurs,  or  the  posting  of  con¬ 
fidential  company  data  or 
personal  information  about 
fellow  employees  —  others, 
like  Zappos.com,  give  their 
employees  free  rein.  ■ 


Today,  consumers  have 
access  to  so  much  dif¬ 
ferent  information.  You  can  buy 
the  same  shirts  at  Zappos  as  at 
somewhere  else.  The  product 
almost  becomes  less  important; 
it  becomes  about  the  business. 

DIRECTOR  OF  BUSINESS 
DEVELOPMENT,  ZAPPOS.COM  INC. 
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It  takes  a  dynamic  infrastructure  to 
sustain  growth  while  staying  green. 


A  business  is  like  a  tree.  It  relies  on  a  strong  root  system  to  grow 
and  thrive  in  a  changing  environment.  NEC’s  Dynamic  IT  Infrastructure 
provides  the  resilience  and  flexibility  necessary  for  a  successful  enterprise 
to  evolve,  grow  and  succeed.  Our  portfolio  of  hardware,  software,  services 
and  solutions  provides  every  element  of  an  integrated  IT  infrastructure. 

This  flexible  architecture  lowers  your  total  cost  of  ownership  by  enabling 
scalability,  adaptability  and  evolution  without  forklift  upgrades,  while 
collectively  minimizing  the  carbon  footprint  and  impact  on  the  environment. 


As  a  global  IT  and  networking  powerhouse,  NEC  provides  such  innovative 
IT  infrastructure  solutions  and  more.  Whatever  your  challenge,  you  can  be 
sure  of  one  thing.  NEC  empowers  you  through  innovation. 

www.necus.com/dynamic 


IT  SERVICES  AND  SOFTWARE  NETWORKING  AND  COMPUTING  SEMICONDUCTORS 


IMAGING  AND  DISPLAYS 


©NEC  Corporation  2008. 

NEC  and  the  NEC  logo  are  registered  trademarks  of  NEC  Corporation.  Empowered  by  Innovation 

Empowered  by  Innovation  is  a  trademark  of  NEC  Corporation. 
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DHS  Exec’s  Exit 
Raises  Red  Flags  on 
NSA’s  Security 

Critics  contend  that  the  spy 
agency  shouldn’t  take  the 
lead  on  federal  cybersecurity 
efforts.  By  Jaikumar  Vijayan 


The  abrupt 
resignation  of 
one  of  the  U.S. 
government’s 
top  cybersecu¬ 
rity  officials  has  exposed 
widespread  —  though  not 
universal  —  opposition 
to  the  National  Security 
Agency’s  expanding  role  in 
federal  security  initiatives. 

Rod  Beckstrom  stepped 
down  as  head  of  the  National 
Cybersecurity  Center  on 
Friday,  six  days  after  his 
one-year  anniversary  in 
that  job.  The  Department  of 
Homeland  Security  made 
him  the  NCSC’s  first  director 
after  setting  up  the  agency 
to  oversee  the  government’s 
cybersecurity  defenses  and 
cyberthreat  responses.  But  in 
a  sharply  worded  resignation 
letter  dated  March  5,  Beck- 
strom  said  the  NSA  is  effec¬ 
tively  running  those  efforts. 

He  also  claimed  that  by 
proposing  that  the  offices  of 
both  the  NCSC  and  the  Na¬ 
tional  Protection  and  Pro¬ 
grams  Directorate  be  moved 
to  its  headquarters,  the  NSA 
is  trying  to  wrest  further 
control  from  the  DHS. 

Letting  the  intelligence 
agency  take  the  lead  on 


cybersecurity  is  “a  bad  strat¬ 
egy  on  multiple  grounds,” 
Beckstrom  contended.  The 
intelligence  culture  is  “very 
different  than  a  network  op¬ 
erations  or  security  culture,” 
he  wrote,  adding  that  the 
NSA  should  be  involved  in 
cybersecurity  programs  but 
not  have  control  over  them. 

Similar  sentiments  were 
voiced  at  a  congressional 
hearing  on  cybersecurity  is¬ 
sues  last  week.  For  instance, 
Scott  Charney,  vice  presi¬ 
dent  of  Microsoft  Corp.’s 
Trustworthy  Computing 
initiative,  noted  that  the 
NSA  has  more  technical 
expertise  on  cybersecurity 
than  other  agencies  do.  But 
to  ensure  that  the  security 
work  is  “being  done  in  a 
transparent  fashion,  the 
mission  cannot  rest  with  the 
NSA,”  Charney  said. 

Historically,  intercepting 
and  analyzing  foreign  com¬ 
munications  has  been  the 
NSA’s  primary  responsibil¬ 
ity.  As  a  result,  it  focuses 
more  on  covert  data  collec¬ 
tion  than  on  the  information- 
sharing  needed  to  build 
effective  security  defenses 
across  the  government  and 
in  the  private  sector,  other 


critics  said  in  interviews. 

The  NSA’s  “strength  lies 
in  breaking  into  networks,” 
said  Gartner  Inc.  analyst 
John  Pescatore.  And  while 
the  agency’s  top-secret 
nature  is  obviously  appro¬ 
priate  for  spying,  it’s  the 
“exact  opposite”  of  what  is 
required  on  cybersecurity 
initiatives  outside  of  the 
military,  he  said. 

The  NSA  does  have  an 
information  assurance  unit 
that  coexists  with  its  eaves¬ 
dropping  operations 
and  provides  a  wide 
range  of  security 
technologies  and 
services,  including 
vulnerability  analy¬ 
sis  and  a  24/7  threat 
warning  capability. 

But  those  dual 
roles  may  conflict 
with  each  other, 
claimed  Bruce 
Schneier,  chief 
technology  officer  at  se¬ 
curity  services  vendor  BT 
Counterpane.  Citing  a  hypo¬ 
thetical  example,  Schneier 
wondered  what  the  NSA 
would  do  if  it  found  a  flaw  in 
Windows  that  would  let  the 
agency  monitor  electronic 
communications.  “Do  they 
fix  it  or  do  they  exploit  it?” 
he  asked. 

In  testimony  last  month 
before  the  House  Permanent 
Select  Committee  on  Intel¬ 
ligence,  Dennis  Blair,  who 
became  director  of  national 
intelligence  in  January, 
acknowledged  that  many 
Americans  don’t  trust  the 


NSA  to  protect  data.  But  he 
said  that  it  has  “the  greatest 
repository  of  cyber  talent” 
in  the  government  and  that 
its  capabilities  should  be 
“harnessed  and  built  on.” 

The  NSA  also  has  its 
supporters  outside  of  the 
government.  For  instance, 
Alan  Paller,  director  of 
research  at  the  SANS  Insti¬ 
tute,  a  security  research  and 
training  organization  that 
has  worked  jointly  with  the 
NSA,  said  the  leadership 
shown  by  the  agency  and 
the  Department  of  Defense 
has  been  “the  only  bright 
spot  in  a  desolate  federal 
cybersecurity  landscape.” 

And  it’s  not  like  the  DHS 
has  a  lot  of  fans  —  the  agen¬ 
cy  was  roundly  slammed 
at  last  week’s  hearing.  Da¬ 
vid  Powner,  director  of  IT 
management  issues  at  the 
Government  Accountabil¬ 
ity  Office,  said  it’s 
obvious  that  the 
DHS  isn’t  living  up 
to  its  leadership 
responsibilities  on 
cybersecurity. 

In  a  statement,  the 
DHS  voiced  regret 
about  Beckstrom’s 
departure  and  de¬ 
fended  its  ongoing 
security  efforts.  The 
agency  said  that  it 
“has  a  strong  relationship 
with  the  NSA  and  continues 
to  work  in  close  collaboration 
with  all  of  our  federal  part¬ 
ners  on  protecting  federal 
civilian  networks.” 

All  eyes  are  now  on  a 
60-day  review  of  federal 
cybersecurity  programs  that 
President  Barack  Obama  or¬ 
dered  last  month.  The  presi¬ 
dent  is  seeking  recommen¬ 
dations  for  ensuring  that  the 
programs  are  aligned  with 
government  and  private- 
sector  needs.  Then  he  gets 
to  decide  how  big  of  a  role 
both  the  DHS  and  the  NSA 
will  play  in  the  future.  ■ 
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■  THE  GRILL 

Rob  Carter 

FedEx’s  CIO  talks  about  recession 
cleanups,  a  challenging  customer 
base,  and  the  promise  of  active 

RFID  and  sensor  technologies. 


Dossier 

Name:  Robert  B.  Carter 

Title:  Executive  vice  president, 
information  services,  and  CIO 

Organization:  FedEx  Corp. 

Location:  Memphis 

Favorite  technology:  “My  Black- 
Berry.  I  admit  it:  I’m  addicted.” 

Favorite  nonwork  pastime: 
“Getting  away  from  the  city  and 
relaxing  in  the  mountains  of 
east  Tennessee.” 

Philosophy  in  a  nutshell: 

“Work  hard,  lead  a  balanced 
life,  and  have  an  undying 
respect  for  people.” 

Recent  good  read:  Outliers, 
by  Malcolm  Gladwell 

Favorite  movie:  Raiders  of 
the  Lost  Ark 

Greatest  ambition:  “For  the  first 
half  of  my  life,  it  was  about  suc¬ 
cess.  Now  that  I’m  in  the  second 
half,  it’s  about  significance.” 


How  have  you  had  to  reprioritize  IT  proj¬ 
ects  because  of  budget  considerations  in 
this  economy?  While  it’s  certainly 
tighter  than  average  this  year,  that  by 
no  means  implies  that  we’re  not  invest¬ 
ing.  We’ve  got  a  reasonable  project 
plan  for  the  year  that  does  reflect  the 
restrained  spending,  but  at  the  same 
time,  you  have  to  make  investments. 

In  hard  times,  it  takes  the  most  cour¬ 
age  to  invest  and  stay  current.  We  also 
get  the  ability  to  clean  up  some  things, 
frankly.  When  there’s  a  lot  of  pullback 
in  investing,  sometimes  it’s  a  good  time 
to  go  in  and  target  areas  that  you’ve 
needed  to  get  to  but  haven’t. 

What  are  you  cleaning  up  now?  We’re 
making  a  lot  of  infrastructure  invest¬ 
ments.  The  data  center  and  network 
infrastructure  build-out  is  where  a  lot 
of  our  focus  is  right  now. 

What  new  projects  made  the  cut  for  the 
next  12  months?  The  focus  tends  to  be 
around  international,  ease  of  use  and 
customs  clearance.  We’re  making  a  lot 
of  investments  in  the  customer  service 
[and  interactive  voice  response]  plat¬ 
forms  around  the  world  [and]  in  our  mo¬ 
bile  infrastructure.  With  FedEx  Mobile, 
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The  challenge 
we  face  isn’t 
one  technology 
being  bad  versus  others 
being  good,  it’s  about  the 
composite  complexity 
that’s  been  created  with 
generation  after  generation 
of  technology. 

we’ve  seen  more  than  500%  growth  year 
over  year.  We  continue  to  invest  in  that. 

What  technologies  did  you  deploy  to  develop 
that?  We  use  Adobe  Flex  and  AIR  on  the 
front  end.  We  can  run  AIR  applications, 
which  are  browserless  applications  that 
pull  information  from  the  Internet.  Flex 
allowed  us  to  rapidly  build  graphical  in¬ 
terfaces  that  are  animated.  You  get  very 
clear  depictions  of  what’s  going  on. 

On  the  back  end,  we  have  the  same 
high-performance  back  end  that  we’ve 
had  for  some  time.  During  a  typical 
morning  of  package  delivery  and  package 
movement,  we’re  probably  posting  about 
3,000  transactions  per  second.  At  the 
same  time,  we’re  handling  1,000  inquiries 
per  second  against  that  same  database. 

What  are  your  biggest  technology  limita¬ 
tions  or  issues?  The  one  that  vexes  us  the 
most  are  the  least  common  denominator 
technologies  that  our  customers  have. 


Some  customers  run  on  very  old  desktop 
machines  with  a  dial-up  connection.  A 
big  part  of  the  challenge  for  us  is  making 
sure  we  offer  low-bandwidth  capabili¬ 
ties  that  match  the  needs  of  a  customer’s 
site  and  at  the  same  time  provide  a  rich, 
high-performance  experience  for  people 
with  new  technologies,  new  handheld 
devices  and  broadband  capabilities. 

It’s  running  that  gamut  that’s  the  most 
challenging  limiter.  We  don’t  just  get  to 
move  along  the  current  edge  of  technol¬ 
ogy;  we  have  to  make  sure  we  move 
along  the  tailing  edge  as  well,  or  we  will 
alienate  a  lot  of  customers. 

What  emerging  technologies  do  you  find 
most  promising  for  your  organization  and 
why?  The  next  generation  of  sensors 
and  active  RFID  devices  is  going  to 
really  revolutionize  the  Internet  and 
what  is  possible. 

The  connected  Web  has  changed  the 
way  the  world  works  and  has  been  in¬ 
credibly  powerful.  We’re  getting  ready 
to  shift  to  a  new  world  where  sensors 
are  capable  of  being  online  and  part  of 
that  connected  space. 

We’re  working  hard  on  things  like 
embedding  sensors  in  critical  ship¬ 
ments  that  give  us  visibility  to  temper¬ 
ature,  vibration  and  all  those  kinds  of 
things.  We’re  piloting  that  with  some 
of  our  high-value  customers  today. 

That’s  just  one  example  of  how  high- 
performance,  actively  communicating 
sensors  will  work  their  way  onto  the 
Web  and  provide  dynamic  status  and 
location  information  that  will  automate 
transactions  in  all  kinds  of  businesses. 

How  will  sensor  technology  change  your 
business?  Passive  RFID  tags  and  bar 
codes  require  some  sort  of  interroga¬ 
tion,  whether  it’s  a  scanner  for  a  bar 
code  or  a  reader  for  RFID.  When  that 
event  isn’t  occurring,  you  don’t  have 
dynamic,  active  information  about 
that  shipment.  With  a  smart  package, 
you  can  set  all  kinds  of  alerts.  Let’s  say 
you’re  shipping  packages  for  biotech 
that  have  temperature  requirements, 
and  the  sensor  is  alert  at  all  times.  If 
a  threshold  has  been  crossed,  either 
too  hot  or  too  cold,  it  can  send  an  alert 
without  being  anywhere  near  a  scanner. 

You  can  have  a  very  high-value  ship¬ 
ment  that’s  moving  inconspicuously 
through  the  network  with  a  light  sensor 


in  it.  Once  that  package  arrives  at  its  des¬ 
tination,  it’s  fine  if  light  [hits  the  sensor]. 
But  if  light  [had  hit  the  sensor]  prior  to 
that  event,  it  means  that  the  package  had 
been  opened.  That’s  worth  sending  an 
alert  about  for  high-value  shipments. 

As  these  sensors  go  mainstream,  you 
can  think  of  all  kinds  of  applications. 

If  you  want  to  know  the  location  of  a 
high-value  shipment,  the  ability  of  GPS 
to  tell  you  exactly  where  it  is,  at  a  given 
point  in  time,  is  revolutionary.  We 
have  a  very  controlled  system  that  will 
tell  you  at  all  times  where  something  is 
when  it’s  in  our  control,  but  the  ability 
to  locate  things  on  the  spur  of  the  mo¬ 
ment  is  a  powerful  tool. 

If  you  could  rip  out  any  legacy  IT  infra¬ 
structure  technology  and  replace  it  with 
the  state  of  the  art,  what  would  you  scrap? 

There  aren’t  inherently  bad  technolo¬ 
gies,  even  when  you  look  out  in  the  leg¬ 
acy  world.  If  there  were  a  wand  I  could 
wave,  I  would  try  to  eliminate  complex¬ 
ity.  The  challenge  we  face  isn’t  one  tech¬ 
nology  being  bad  versus  others  being 
good,  it’s  about  the  composite  complex¬ 
ity  that’s  been  created  with  generation 
after  generation  of  technology. 

In  addition  to  your  day  job  at  FedEx, 
you’re  also  on  several  boards  of  direc¬ 
tors.  Why?  Our  chairman  encourages 
participation  on  relevant  boards  that 
help  us  as  a  management  team  come 
together  with  insight  into  key  markets. 

The  retail  sector  is  a  very  large  co¬ 
hort  of  the  FedEx  customer  base.  In  the 
years  I’ve  been  a  part  of  the  [Saks  Fifth 
Avenue]  board,  I’ve  learned  a  tremen¬ 
dous  amount  of  how  retail  works  and 
what’s  important.  It  makes  the  things 
we  do  to  specifically  support  custom¬ 
ers  involved  in  that  class  of  commerce 
very  relevant. 

If  there  is  one  thing  IT  professionals 
need  to  do  to  become  more  valuable, 
it’s  to  round  out  their  perspectives  and 
be  able  to  provide  valuable  business  in¬ 
sight.  One  of  the  great  ways  to  do  that 
is  to  be  involved  on  boards. 

Boards  are  more  and  more  look¬ 
ing  for  [IT]  expertise.  All  companies 
struggle  with  the  best  ways  to  deploy 
technologies  and  strive  to  have  board 
members  who  are  fairly  steeped  in  that 
world. 

—  Interview  by  Robert  L.  Mitchell 
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■  OPINION 

Winn  Schwartau 

What  It  Will  Take 
To  Wire  the  World 


CURRENTLY,  15%  of  the  human  race  is  wired.  It’s 
a  smallish  number,  really.  But  when  you  consider 
what  we  in  the  IT  industry  expect  of  those  who 
join  the  wired  elite,  it’s  something  of  a  miracle  that 
the  percentage  is  as  high  as  it  is. 


How,  then,  can  we  ex¬ 
pect  the  remaining  85%  of 
humanity  to  join  the  hun¬ 
dreds  of  millions  already 
online?  It  won’t  happen 
until  we  rethink  the  way 
technology  is  designed  and 
delivered,  concentrating 
on  three  areas  I  refer  to 
as  scalable  functionality, 
native  security  and  grace¬ 
ful  degradation.  They’re 
interrelated,  but  it’s  best  to 
consider  each  in  turn. 

The  first  rethink  re¬ 
quires  a  return  to  simplic¬ 
ity.  Technical  complexity 
causes  user  error,  poor 
security  and  systemic  fail¬ 
ure.  Increasingly  complex 
products,  with  features 
and  functions  compound¬ 
ing  themselves  with  each 
new  revision,  require 
greater  levels  of  user  so¬ 
phistication,  learning  abil¬ 
ity  and  technical  facility 
while  courting  failure  and 
misuse.  If  we  hope  to  inte¬ 
grate  the  planet,  we  must 
adapt  to  the  needs  of  a  rad¬ 
ically  different,  less  techni¬ 
cally  savvy  consumer 
who  has  not  had  the  past 


three  decades  to  become 
accustomed  to  the  ever- 
expanding  complexity  of 
the  tools  and  applications 
we  use  in  business,  educa¬ 
tion  and  entertainment. 

Instead  of  making  only 
computers,  phones  and  ap¬ 
plications  that  try  to  do  ev¬ 
erything  under  the  sun,  we 
should  provide  the  option 
of  tools  and  core  operating 
systems  that  are  substan¬ 
tially  less  bloated.  A  lot  of 
CIOs  (and  security  of¬ 
ficers,  too)  have  told  me  that 
they  would  love  to  see  up¬ 
gradable  versions  of  basic 
office  applications.  Most 
users  would  probably  need 
only  a  “lite”  version  of 
Word  or  Photoshop.  Some 
users  would  need  more, 
and  a  few  would  need  a  lot 
more.  Upgrades  for  them 
would  be  possible,  but  only 

■  Web  use  won’t 
expand  until  we 
rethink  how  tech¬ 
nology  is  designed 
and  delivered. 


after  a  risk  analysis. 

Such  scalable  function¬ 
ality  already  exists  in  a 
few  applications.  Mozilla, 
for  example,  offers  a  basic 
Firefox  browser  that  users 
can  upgrade  with  plug-ins 
and  add-ons.  What  users 
need  to  understand  is  that 
the  stability  and  security 
of  the  basic  browser  are 
increasingly  compromised 
with  each  add-on. 

That  brings  us  to  the 
second  rethink  the  indus¬ 
try  needs  to  undertake:  the 
wisdom  of  building  securi¬ 
ty  into  both  hardware  and 
software  products  from 
the  day  of  their  concep¬ 
tion.  In  a  world  where  bot¬ 
net  armies  consisting  of  as 
many  as  5  million  zombie 
machines  are  said  to  exist, 
users  have  to  know  how 
to  protect  their  computers 
from  sophisticated  attacks. 

The  tech  industry  has 
largely  ignored  its  fastest- 
growing  customer  base 
by  making  things  more 
complicated  and  not  build¬ 
ing  any  security  into  its 
products.  More  than  30 


years  after  the  introduc¬ 
tion  of  the  PC,  we  have  not 
insisted  that  vendors  build 
resilient,  self-protecting 
devices.  And  that  lack  of 
native  security  is  going  to 
scare  off  a  large  chunk  of 
that  85%  of  the  world  that 
remains  unwired. 

The  third  rethink  would 
result  in  graceful  degrada¬ 
tion.  Systems  will  fail  — 
it’s  an  unavoidable  fact  of 
life.  Most  systems,  though, 
are  designed  with  no 
thought  given  to  that  inevi¬ 
tability.  We  need  software 
and  hardware  with  semi- 
intelligent  self-awareness 
that  recognizes  anomalous 
behavior  and  reacts.  Sys¬ 
tems  could  be  allowed  to 
fail  in  part  rather  than  ex¬ 
periencing  total  collapse. 
The  industry’s  approach  to 
fault  tolerance  now  empha¬ 
sizes  complete  redundancy 
and  remote  mirrored  data 
centers  —  an  extremely 
costly,  all-or-nothing  ap¬ 
proach.  Hardware,  firm¬ 
ware  and  software  should 
be  far  beyond  a  pure  bi¬ 
nary  approach. 

These  three  concepts 
represent  a  basic  rethink¬ 
ing  of  how  we  design 
technology  and  what  we 
expect  of  it.  But  without 
some  new  thinking,  the 
world  will  never  achieve 
true  integration.  ■ 

Winn  Schwartau  is  founder 
of  SCIPP  International,  a 
global  nonprofit  organiza¬ 
tion  dedicated  to  providing 
security  awareness  training 
and  certification  services 
for  end  users  and  consum¬ 
ers,  along  with  certification 
programs  for  organizations. 
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Hi 


At  MIT’s  Media  Lab,  Ph.D. 
candidate  Pranav  Mistry’s  Sixth 
Sense  project  uses  a  camera  and  a  tiny 
projectQr  worn  around  the  neck  that  sees  what 
the  user  sees  and  projects  information  to  any 
surface,  frdm  walls  to  the  palm  of  the  user’s  hand 


For  those  of  you  who 
want  the  world  at  your 
fingertips,  the  wait  is  al¬ 
most  over. 

The  future  PC  prom¬ 
ises  to  put  nearly  every¬ 
thing  you  could  need  or 
want  right  in  your  palm. 

Think  of  a  souped-up  version  of 
today’s  smartphone,  with  a  monitor 
that  unrolls  into  a  larger  screen  and  a 
biometric  security  system  that  lets  you 


PHOTOGRAPHS  BY  SAM  .OGDEN 


access  everything  in  your  professional 
and  personal  life  from  anywhere,  with 
all  the  data  residing  in  the  cloud.  Wave 
it  at  your  car  to  unlock  the  door.  Order 
and  pay  for  your  morning  coffee  with  a 
touch  of  a  button.  Plug  it  into  a  docking 
station  and  project  that  big  presenta¬ 
tion  to  your  clients.  Book  a  weekend 
getaway  with  just  a  few  clicks. 

“PCs  are  going  from  engines  or 
tools  to  portals  and  enablers.  The  vi¬ 
sion  of  what  they’ll  be  in  the  future 


is  a  partner.  They’ll  be  participating 
in  the  higher  cognitive  tasks  of  what 
people  do  to  get  their  jobs  done,”  says 
Andrew  Chien,  director  of  research  at 
Intel  Corp. 

The  personal  computer  has  been  a 
corporate  workhorse  for  decades.  And 
while  it  has  evolved,  becoming  slim¬ 
mer  and  more  mobile,  in  many  ways  it 
still  resembles  those  gray  boxes  teth¬ 
ered  to  the  mainframe.  But  the  next 
decade  will  bring  dramatic  changes,  as 
the  PC  evolves  past  the  standard  desk¬ 
top  and  laptop  units  to  amalgamations 
of  computing  devices  and  their  periph¬ 
erals.  This  future  PC  will  be  smarter, 
too.  It  could  discreetly  remind  you  of 
the  name  of  an  acquaintance  and  alert 
you  when  it’s  time  to  take  your  medi¬ 
cine.  It  will  be  your  colleague,  your 
butler  —  and  possibly  your  friend. 

We  talked  and  corresponded  with  a 
dozen  or  so  experts  in  R&D,  IT  man¬ 
agement  and  academia  to  get  a  feel  for 
what  they’re  expecting  the  PC  to  look 
like  a  decade  from  now. 

A  NEW  LOOK 

One  thing  everyone  seems  to  agree  on: 
The  PC  of  2019  won’t  look  like  today’s 
laptops.  “I’m  not  seeing  people  carry¬ 
ing  anything  that  looks  like  a  book,” 
says  Dan  Siewiorek,  a  professor  of 
computer  science  and  electrical  and 
computer  engineering  at  Carnegie 
Mellon  University  and  director  of  the 
university’s  Human-Computer  Interac¬ 
tion  Institute.  “It  would  be  like  a  phone 
or  a  ring  or  watch.  It  will  probably  take 
multiple  form  factors.” 

Siewiorek  says  function  will  increas¬ 
ingly  influence  what  PCs  look  like.  An 
older  person  who  needs  help  with  in¬ 
dependent  living,  for  example,  might 
carry  a  PC  in  the  form  of  a  wrist- 
watch  and  use  it  as  a  virtual  coach 
that  reminds  him  about  appointments 
or  medicine  schedules.  A  technical 
worker  might  have  her  PC  in  her  eye¬ 
glasses,  allowing  her  to  access  and 
view  information  through  embedded 
monitors  and  share  what  she’s  seeing 
with  colleagues  and  supervisors  via  a 
camera  in  the  glasses.  Siewiorek  says 
he  can  even  imagine  how  PC  technol¬ 
ogy  could  revolutionize  the  way,  say, 
offshore  crane  operators  or  airplane 
mechanics  do  their  jobs. 

Continued  on  page  24 
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Conversations  for  a  Smarter  Planet 


A  mandate  for  change 
is  a  mandate  for  smart. 


The  world  is  ready  for  change-that  much  is  clear. 

For  leaders  of  all  kinds,  this  moment  presents  a  rare 
opportunity.  Our  planet  is  not  just  getting  smaller  and 
flatter.  It  is  also  becoming  smarter. 

That  is,  intelligence  is  being  infused  into  the  way  the 
world  literally  works-into  the  systems,  processes 
and  infrastructure  that  enable  physical  goods  to  be 
developed,  manufactured,  bought  and  sold.  That  allow 
services  to  be  delivered.  That  facilitate  the  movement  of 
everything  from  money  and  oil  to  water  and  electrons. 
And  that  help  billions  of  people  work  and  live.  This  means 
we  actually  have  the  potential  to  change  the  way  the 
world  works. 

That’s  good  news,  because  the  systems  by  which  the 
world  works  today  are  increasingly  unsustainable.  They 
may  be  networked,  but  it  turns  out  that  being  connected 
isn’t  enough. 

It  isn’t  enough  to  prevent  us  from  wasting  too  much 
energy.  From  spending  too  much  time  in  traffic.  From 
producing  food  too  expensively  and  wasting  too  much 
of  what  we  produce.  From  missing  too  many  sales 
opportunities  and  disappointing  too  many  customers 
because  of  inefficient  supply  chains.  From  making  too 
many  medical  errors  and  spending  too  much  to  provide 
healthcare  for  too  few.  And  most  obviously  of  late,  from 
failing  to  manage  financial  risk. 

Now,  with  computational  power  being  built  into  things 
we  wouldn’t  recognize  as  computers,  any  person, 
object,  process  or  service  and  any  organization,  large 
or  small,  can  become  digitally  aware,  connected  and 
smart.  Consider  the  changes  already  under  way. 


Smart  traffic  systems  are  helping  to  reduce  gridlock 
by  20%,  cutting  pollution  and  increasing  ridership  on 
public  transit. 

Smart  food  systems  based  on  RFID  technology 
embedded  into  supply  chains  are  monitoring  the  flow 
of  meat,  poultry  and  other  items-from  the  farm  to 
the  supermarket  shelf. 

Smart  healthcare  systems  are  helping  to  lower  the 
cost  of  therapy  by  as  much  as  90%. 

Police  departments  are  correlating  street-level 
information  from  myriad  observations  and  devices  to 
identify  crime  patterns-helping  prevent  crime  rather 
than  simply  punishing  it. 

The  list  is  long  and  the  transformation  is  just  beginning. 

Its  benefits  will  be  reaped  not  only  by  large  enterprises, 
but  also  by  mid-sized  and  small  companies-the 
engines  of  economic  growth  everywhere -and  by 
individuals  and  communities  around  the  world. 

Imagine  how  a  smarter  planet  will  transform  the  ways 
we  pursue  everything  from  economic  growth  to  societal 
progress  to  environmental  sustainability  to  cures  for 
disease,  as  well  as  the  ways  we  interact  with  each  other 
and  with  the  world. 

The  opportunity  is  before  us,  and  the  moment  will  not 
last  forever.  The  question  is,  will  we  seize  it?  As  we  look 
to  stimulate  our  economy  and  rebuild  our  infrastructure, 
will  we  simply  repair  what’s  broken?  Or  will  we  prepare 
for  a  smarter  future? 

Let’s  build  a  smarter  planet.  Join  us  and  see  what  others 
are  thinking  at  ibm.com/change 


IBM,  the  IBM  logo  and  ibm.com  are  trademarks  of  International  Business  Machines  Corporation,  registered  in  many  jurisdictions  worldwide. 
A  current  list  of  IBM  trademarks  is  available  on  the  Web  at  “Copyright  and  trademark  information"  at  www.ibm.com/legal/copytrade.shtml. 
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The  changing  ways  in  which  we 
work  and  live  —  and  the  blurring  line 
between  the  two  —  are  driving  the 
changes  we  will  see  in  our  computers. 

“The  PC  of  2019  will  be  nothing 
like  the  PC  we  know  today,”  says  Wen 
Xiao,  CIO  of  global  service  delivery  at 
London-based  telecommunications  gi¬ 
ant  BT  Group  PLC.  “It  will  be  smaller 
and  ubiquitous.  Its  function  is  less  of 
computing  and  more  of  access  control 
and  communications.  The  computing 
capabilities  will  reside  inside  the  cloud 
and  be  accessed  on  demand  by  [the] 
individual  user.” 

He  says  younger  workers,  and  cer¬ 
tainly  those  who  will  enter  the  work¬ 
force  in  the  coming  decade,  expect 
their  data  —  not  just  their  devices  —  to 
travel  with  them.  They  need  their  PCs 
to  work  wherever  they  want  them  to, 
and  they  don’t  want  to  worry  about 
storing  and  transferring  data. 

Xiao  says  virtualization  and  cloud 
computing  are  already  enabling  that 
new  level  of  mobility,  and  the  trend  is 
expected  to  accelerate.  “The  computing 
[and]  data-storage  functions  will  all 
be  virtualized  —  device-independent, 
location-independent  data  and  applica¬ 
tions  stored  somewhere  in  the  cloud, 
and  on-demand  software  applications,” 
Xiao  says. 

That,  in  turn,  changes  what  we  need 
from  hardware.  “Its  main  purpose  is 
no  longer  computing  but  identifica¬ 
tion,”  he  explains.  “As  a  result,  it  will 
be  super  small  or  most  likely  combined 
with  other  devices,  like  mobile  phone, 
key,  bio-ID,  etc.  What’s  inside  is  a 
unique  identification  of  the  user.” 

Bill  Schilit,  a  research  engineer  at 
Google  Inc.  and  associate  editor  in 
chief  of  the  IEEE  Computer  Society’s 
Computer  Magazine,  says  he,  too,  sees 
“the  trend  more  and  more  off  the  desk¬ 
top.  We  see  people  using  just  their  cell 
phones  or  a  very  thin  client  on  their 
desks  or  some  sort  of  docking  model, 
where  you  take  your  cell  phone  and 
plug  it  into  a  keyboard.” 

Moreover,  the  PCs  of  the  future  will 
put  the  accent  on  “personal,”  he  says 
(emphasizing  that  this  vision  is  his,  not 
Google’s).  Consumer  demand  for  games 
and  instant  access  to  everyday  informa¬ 
tion  —  announcements  of  school  clos¬ 
ings,  traffic  updates,  weather  reports 


THE  FUTURE  OF  THE  PC  could  drasti¬ 
cally  change  what  companies  expect 
from  IT  departments,  as  the  mobility  and 
flexibility  of  computing  will  expand  where 
and  when  employees  work. 

Wen  Xiao,  CIO  of  global  service  de¬ 
livery  at  BT  Group,  is  already  thinking 
about  what  this  means  for  IT  leaders  like 
him.  “I  am  a  big  believer  in  user-owned 
computing,”  he  says.  “In  other  words, 
[the]  user  should  be  responsible  for  pro¬ 
visioning  their  own  computing  devices, 
and  the  corporate  IT  department’s  job  is 
to  create  a  secure  enterprise  cloud  and 
control  the  access  and  authentication  of 
individual  users.” 

That  will  give  employees  more  choices, 
Xiao  says.  They  can  pick  whatever  PCs 
they  prefer  and  will  be  responsible  for 
the  maintenance  of  them.  The  specific 
computing  device  won’t  matter  to  the 
enterprise  anymore. 


—  will  drive  adoption,  he  says. 

“We’re  going  to  see  a  lot  more 
people  using  computer  phones/smart¬ 
phones  and  a  lot  more  software  for 
them,”  he  says. 

SHAPE  CHANGERS 

The  PCs  of  the  future  could  be  more 
flexible  in  every  way  —  even  physi¬ 
cally.  For  starters,  they’ll  have  adjust¬ 
able  screens  that  users  can  stretch,  roll 
or  unfold  to  open.  “So  you  can  contort 
that  device  and  make  it  bigger,  maybe 
widen  it  to  6  inches  tall  and  10  inches 
wide  so  you  can  watch  TV  or  access 
information  through  wireless  broad¬ 
band  or  peer-to-peer  technology,”  says 
Sam  Driver,  an  analyst  at  research 
firm  ThinkBalm  in  Little  Compton, 

R.I.  “Then  say  you  take  that  device  to 
your  office,  you  can  stretch  it  and  start 
working,  and  you  can  have  it  commu¬ 
nicate  in  the  office  with  printers  and 
other  devices.” 

But  that’s  just  the  beginning.  Re¬ 
searchers  are  working  on  program¬ 
mable  products  that  contain  embedded 
microprocessors  and  storage  in  the 


“We’ll  be  virtualizing  everything,  and  if 
I  virtualize  everything,  then  investing  in 
the  device  is  the  wrong  decision.  I’ll  have 
to  focus  on  the  architecture,”  Xiao  says. 

He’s  already  working  on  building  an 
enterprise  that  supports  user-owned 
computing,  where  workers  can  use 
flashcards  to  access  the  company’s 
applications  and  data. 

With  such  changes  on  the  horizon,  Xiao 
says  the  IT  department  and  even  the  role 
of  the  CIO  will  change.  Instead  of  focus¬ 
ing  on  hardware,  CIOs  will  look  at  how 
to  best  assemble  services  that  reside  in 
the  cloud,  how  those  services  can  be  ar¬ 
ranged  to  best  fit  the  business  needs  and 
give  the  company  a  competitive  advan¬ 
tage,  and  how  they  can  be  secured. 

As  Xiao  says,  “There’s  a  whole  new 
horizon  for  the  PC  of  tomorrow  and  the 
CIO  of  tomorrow.” 


material  itself.  The  material  would  be 
programmed  to  change  shape  based 
on  the  user’s  needs,  Chien  explains. 

For  example,  you  could  morph  your 
smartphone  into  a  Bluetooth  headset 
and  then  into  a  remote  control  by  just 
touching  a  button  on  the  device.  Think 
of  it  as  the  ultimate  Transformer  toy. 

“You  can  build  computing  systems 
that  conform  to  different  uses,”  Chien 
says,  noting  that  the  technology  might 
not  be  market-ready  by  2019,  but  it  will 
be  close. 

The  future  PC  will  be  different  in 
other  significant  ways  from  today’s 
desktop  system. 

There’s  a  good  chance  your  key¬ 
board  and  monitor  will  be  gone,  re¬ 
placed  by  projected  versions  instead. 
This  approach  is  already  being  pio¬ 
neered  at  the  MIT  Media  Lab. 

And  that  mouse?  It  will  be  rendered 
obsolete  within  the  decade  thanks  to 
touch-screen  technology,  Xiao  says. 

Instead,  he  says,  “output  could  be 
displayed  on  a  variety  of  surfaces,” 
including  tabletops  (as  is  the  case  with 
Microsoft  Surface  systems),  TVs  and 


-  MARY  K.  PRATT 
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mobile  phone  screens  as  well  as  verti¬ 
cal  multitouch  screens  (like  Perceptive 
Pixel  Inc.’s  offering),  e-paper  or  any 
blank  surface  for  holograms  to  be  pro¬ 
jected  on. 

Xiao  also  says  that  users  will  no 
longer  have  to  choose  between  only 
full-size  monitors  and  the  miniature 
versions  found  on  handhelds.  More¬ 
over,  the  keyboard  will  be  obsolete  or 
replaced  by  a  hologram. 

Siewiorek  says  your  PC  will  under¬ 
stand  boundaries,  too,  and  adjust  dis¬ 
plays  accordingly.  So  if  you’re  looking  at 
confidential  budgets  projected  on  a  wall 
when  someone  walks  into  your  office, 
your  PC  will  sense  that  person’s  pres¬ 
ence  and  blank  out  the  information. 

Kiss  wires  and  plugs  good-bye,  too. 
Wireless  will  rule,  and  your  PC  will 
possibly  draw  power  in  new  ways, 
Driver  says.  You  might  use  magnetic 
induction  charging  to  transfer  power 
from  the  building’s  power  supply  with¬ 
out  the  need  for  chargers,  plugs  and 
wires.  Or,  Chien  says,  your  PC  might 
scavenge  energy  from  the  environ¬ 
ment,  drawing  power  from  light  or 
heat  or  even  the  motion  around  it. 

“You  can  untether  computing  de¬ 
vices  from  power  cords  because  they 
may  well  get  some  of  the  energy  they 
need  from  the  ambient  environment,” 
he  predicts.  “So  you  can  charge  laptops 
or  mobile  phones  without  plugging 
them  in.” 

Xiao  says  that  future  PCs  will  also 
have  better,  smarter  ways  to  input  in¬ 
formation.  “Advancement  in  Semantic 
Web  and  artificial  intelligence  will 
greatly  reduce  the  need  of  data  input,” 
he  says.  “Touch  screens,  voice  com¬ 
mands,  even  brain  waves  will  become 
the  dominant  input  methods.” 

No  more  typing  in  data  or  using  a 
mouse  to  manipulate  data,  Xiao  says. 
Instead,  you’ll  wave  your  head  to  move 
files  or  direct  your  thoughts  to  input 
information.  These  advances,  once  the 
realm  of  science  fiction,  are  close  to 
becoming  mainstream  reality. 

LOOK  AROUND 

In  fact,  much  of  what’s  ahead  is  al¬ 
ready  here,  at  least  in  primitive  form. 
“Anything  you’d  likely  see  in  10  years 
is  available  now,”  says  Fred  Killeen, 
chief  technology  officer  at  General 
Motors  Corp.,  explaining  that  most 


technological  innovations  are  available 
somewhere  in  some  form  years  before 
they  become  mainstream. 

Consider  smartphones  and  wireless. 
Those  are  the  precursors  to  what’s  on 
the  horizon.  Similarly,  the  advances 
taking  place  on  the  back  end  today  — 
specifically,  cloud  computing  and  vir¬ 
tualization,  along  with  ever-increasing 
levels  of  bandwidth  —  are  laying  the 
foundation  for  what’s  ahead.  These 
technologies  will  continue  to  take  data 
and  storage  off  individual  devices,  al¬ 
lowing  users  with  the  right  credentials 
to  access  the  information  from  any¬ 
where  at  any  time  with  any  device. 

You  will  no  longer  need  to  store 
everything  on  a  hard  drive  or  transfer 
data  to  a  USB  stick,  says  Randy  Adams, 
founder  and  CEO  of  Searchme  Inc.,  a 
search  engine  company  in  Mountain 
View,  Calif.  “Mobile  devices  will  be  al¬ 
most  disposable,  because  information 
will  be  up  in  the  cloud,”  he  says. 

However,  tomorrow’s  PC  will  truly 
be  personal,  customized  with  the  soft¬ 
ware  you  choose  and  the  trove  of  per¬ 
sonal  data  it  will  work  with  —  includ¬ 
ing,  among  other  things,  credit  card 
numbers,  the  electronic  “keys”  to  your 
car  and  the  biometrics  that  secure  the 
whole  package. 

Such  big  changes  won’t  take  place 
overnight,  of  course,  and  the  new  tech¬ 
nologies  won’t  be  adopted  universally. 
After  all,  some  companies  are  still  us¬ 
ing  green-screen  mainframe  interfaces. 
“So  in  2019,  you  may  have  a  lot  of  appli¬ 
cations  that  don’t  look  a  whole  lot  dif¬ 
ferent  than  they  do  today,”  Killeen  says. 

And  there  are  challenges  on  the  path 
to  the  PC  of  2019.  The  components  of 
the  future  device  will  have  to  learn  to 
communicate  using  Wi-Fi  and  Blue¬ 
tooth.  They’ll  also  have  to  become 
smarter,  “learning”  to  work  under  the 
confines  of  social  conventions.  (You 
don’t  want  that  wristwatch-style  PC 
blurting  out  that  it’s  time  for  your 
heart  pills  while  you’re  meeting  with 
the  CEO,  do  you?)  And  they’ll  have  to 
have  appropriate  verification  and  secu¬ 
rity  layers,  says  Bill  Buxton,  a  principal 
researcher  at  Microsoft  Research.  But 
all  of  this  will  come  together  in  time, 
and  it’s  already  on  the  way. 

“The  PC  of  2019  will  look  more 
like  something  that  comes  out  of 
the  iPhone  than  out  of  what  we  cur- 


MIT  Ph.D.  candidate  Pranav  Mis  try  models  a 
wearable  projector  that  can  display  data  onto 
any  surface.  Mistry  interacts  with  the  system 
using  hand  gestures  and  wears  colored  mark¬ 
ers  on  his  fingertips  help  the  camera  track 
movements  and  interpret  his  gestures. 

rently  have  on  the  desktop  or  laptop,” 
says  Michael  Zyda,  director  of  the 
GamePipe  Laboratory  and  a  professor 
of  engineering  practice  in  the  Depart¬ 
ment  of  Computer  Science  at  the  Uni¬ 
versity  of  Southern  California.  “The 
PC  will  fit  in  your  pocket;  it  will  have 
10TB  of  online  storage  or  more  —  the 
size  of  the  entire  Library  of  Congress.” 

He  calls  this  device  “the  context 
machine”  and  says  it  will  know  “your 
location  [and]  what  you  are  prob¬ 
ably  looking  for  and  will  sense  when 
a  friend  is  nearby  and  remind  you 
of  their  name  and  the  last  thing  you 
spoke  with  them  about.” 

The  context  machine  will  preload 
itself  with  the  information  you  require, 
Zyda  says,  adding  that  “it  will  be  your 
phone,  your  e-mail,  your  office,  your 
social  secretary  and  confidant,  your  en¬ 
tertainment  center,  your  game  machine.” 

It  will  just  be  part  of  life,  he  says, 
and  it  will  be  so  personalized  that 
“there  will  not  be  the  artificial  distinc¬ 
tion  between  home  and  office  device.  It 
will  be  y our  device.”  ■ 

Pratt  is  a  Computerworld  contributing 
writer  in  Waltham,  Mass.  Contact  her  at 
marykpratt@verizon.net. 
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■  SECURITY 


.Virtualized 
Environment 

Protecting  virtualized 
resources  requires  a  mix 
of  old  and  new  security 
tactics.  By  John  Edwards 


IRTUALIZATION 
promises  to  make 
IT  departments 
more  flexible, 
more  efficient  and 
—  perhaps  most 
crucial  in  these  tough  times 
—  more  frugal.  But  one 
advantage  the  technology 
doesn’t  provide  is  an  escape 
from  the  need  for  strong  se¬ 
curity  measures. 

As  soon  as  he  began  plan¬ 
ning  his  Novell  virtualiza¬ 
tion  project,  Noah  Broad¬ 
water  realized  that  he  was 
looking  at  an  initiative  that 
would  require  both  a  contin¬ 
uation  of  existing  security 
practices  and  an  analysis  of 
any  perils  that  might  be  cre¬ 
ated  by  the  new  technology. 

“It  was  evident  that  virtu¬ 
alization  demanded  a  close 
look,”  says  Broadwater, 
who  is  vice  president  of  in¬ 
formation  services  at  New 
York-based  children’s  media 
producer  Sesame  Workshop. 
“Above  all,  we  had  to  make 


sure  that  we  would  be  se¬ 
cure  on  all  fronts.” 

Neil  MacDonald,  an  ana¬ 
lyst  at  Gartner  Inc.,  says  that 
virtualization  is  opening 
new  doors  for  IT  depart¬ 
ments  as  well  as  for  people 
who  seek  to  tamper  with 
critical  data  and  services. 

“Adopters  can  expect  that 
virtualized  software,  like 
hypervisor  software,  will 
be  attack  targets,”  he  says. 
“Therefore,  virtualization 
security  planning  should 
be  addressed  at  a  project’s 
inception.” 

CRASH  AND  LEARN 

With  IT  departments  in 
today’s  crashing  economy 
being  asked  to  do  more  with 
less,  virtualization’s  lure 
is  becoming  increasingly 
irresistible.  But  as  some 
departments  rush  headlong 
toward  the  technology  in  an 
effort  the  stretch  scarce  dol¬ 
lars,  the  temptation  arises  to 
skimp  on  security. 


Many  thrifty  managers 
believe  that  the  same  tech¬ 
nologies  currently  used  to 
protect  conventional  physi¬ 
cal  servers  can  simply  be 
extended  to  virtualized  en¬ 
vironments.  But  MacDonald 
says  that’s  a  potentially 
calamitous  assumption.  He 
notes  that  the  unwary  could 
be  trapped  by  threats  in 
several  areas,  including  soft¬ 
ware,  administration,  mo¬ 
bility,  the  operating  system 
and  network  visibility  (see 
“Virtualization’s  Soft  Spots,” 
page  27).  “There  need  to  be 
policies  to  address  these  is¬ 
sues,”  he  adds. 

Broadwater  takes  some 
common-sense  defensive 
steps,  such  as  using  fire¬ 
wall  controls  to  limit  user 
access  and  running  a  full 
array  of  security  protocols 
and  checks  on  each  virtual 
server.  In  addition,  Broad¬ 
water  says  he  depends  on 
his  virtualization  software 
vendor,  Novell  Inc.,  to  sup¬ 
ply  a  product  that’s  resistant 
to  intrusions  and  attacks. 

He  says  he  worries  about 
“holes  in  the  virtualization 
software  itself  —  kernel  at¬ 
tacks,  someone  attacking 
the  host  module  or  one  of 
my  guys  making  a  mistake 
against  the  host  server 
—  and  then  making  sure 
that  the  full  virtualization 
software  is  actually  secure 
and  is  patched.” 

Broadwater  says  he’s 
confident  that  his  vendor  is 
keeping  pace  with  virtual¬ 
ization  threats  as  they  arise. 

He  feels  that  beyond 
technology-driven  mea¬ 
sures,  it’s  helpful  for  enter¬ 
prises  to  keep  details  about 
virtual  environments  close 
to  their  vests  in  order  to  de¬ 
ter  unwanted  attention.  “In 
a  lot  of  cases,  we  don’t  even 
tell  people  that  they’re  run¬ 
ning  on  a  virtual  box  or  that 
they’re  actually  accessing  a 
virtual  box,”  Broadwater  says. 


Oyvind  Kaldestad,  vice 
president  of  corporate  IT 
at  Lionbridge  Technologies 
Inc.,  a  business  outsourc¬ 
ing  and  training  company 
in  Waltham,  Mass.,  says 
his  top  concern  is  malware 
infections  finding  their  way 
into  his  client  enterprises’ 
Microsoft-based  virtual 
environments. 

“I  would  be  really  worried 
about  having  a  host  or  par¬ 
ent  partition  being  able  to 
access  and  cause  a  virus  or 
other  type  of  infection  on  a 
child  partition  —  that  would 
be  a  bad  scenario,”  he  says. 

Kaldestad  is  also  con¬ 
cerned  about  child  parti¬ 
tions  using  virtualization 
to  talk  to  one  another  and 
spread  infections.  But  like 
Broadwater,  he’s  confident 


TERMS 

DEFINED 

Hypervisor;  This  virtu¬ 
alization  platform  allows 
the  operation  of  multiple 
operating  systems  on  the 
same  physical  computer. 

Parent  partition/child 
partition:  In  a  Microsoft 
virtualization  environ¬ 
ment,  the  parent  partition 
creates  and  manages  the 
child  partitions  on  which 
users  create  virtual  ma¬ 
chines  and  install  guest 
operating  systems. 

Slave  DNS  server: 

In  virtual  Web  hosting, 
a  slave  domain  name 
server  functions  as  a 
backup  to  the  primary 
DNS  server. 

VM:  A  virtual  machine 
is  a  software  version 
of  a  computer  that  acts 
like  -  and  looks  to  the 
network  like  -  a  separate 
physical  machine. 
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that  his  vendor  has  a  handle 
on  the  issue. 

Steve  Milligan,  director 
of  academic  computing  and 
technology  at  Arkansas 
Tech  University,  says  that 
component  segregation 
is  vital  to  protecting  his 
VMware-driven  virtual 
desktop  environment. 

“We  keep  our  virtual 
desktops  separate  from  our 
production  servers,  and  we 
keep  our  development  serv¬ 
ers  separated  as  much  as 
possible  from  our  production 
servers,”  he  says.  “One  of  my 
biggest  concerns  is  having  a 
host  or  a  VM  that’s  compro¬ 
mised  and  allowing  unwant¬ 
ed  access  to  other  systems 
within  our  environment.” 

Milligan  acknowledges 
that  he  underestimated  the 
security  challenge  when  de¬ 
signing  his  virtualized  envi¬ 
ronment.  “Security  was  not 
on  the  forefront,”  he  says. 
“We  weren’t  thinking  of  de¬ 
signing  our  virtual  environ¬ 
ment  any  differently  from 
our  physical  environment. 
That  was  a  mistake,  and 
we’ve  learned  from  that.” 

Like  many  others  manag¬ 
ing  a  virtualized  environ¬ 
ment,  Milligan  would  like 
vendors  to  provide  more 
and  better  visibility  tools. 

“It’s  that  unknown  —  not 
knowing  what’s  going  on  in 
your  virtual  environment,” 
he  says.  “Not  just  what’s 
communicating  with  your 
servers  from  the  outside,  but 
what’s  going  on  internally 
between  those  virtual  serv¬ 
ers  and  desktops.” 

Although  safeguarding 
virtualized  environments 
requires  new  insights  and 
practices,  conventional  se¬ 
curity  still  plays  a  role.  Like 
many  experienced  adopters, 
Broadwater  says  that  virtu¬ 
alization  security  begins  at 
the  host. 

“It’s  general  security 
stuff,”  he  says.  “Make  sure 


that  your  security  patches 
are  up  to  date  and  that  you 
have  proper  antivirus  [tools] 
that  are  sitting  behind  a 
proper  firewall.” 

To  further  ensure  that  his 
virtual  deployment  is  as  se¬ 
cure  as  possible,  Broadwater 
periodically  turns  to  an  out¬ 
side  security  firm  to  probe 
the  environment  for  lurking 
vulnerabilities.  “We  usu¬ 
ally  hire  a  company  to  do 
a  security  penetration  test 
once  a  year,”  he  says.  “From 
the  penetration  test,  we  look 
at  the  vulnerabilities  and  go 
back  to  the  vendors  and  ask 
them  how  they  can  help  us 
resolve  these  issues.” 

Kaldestad  says  prospec¬ 
tive  virtualization  adopters 
can  get  a  handle  on  how 
vendors  approach  and  man¬ 
age  security  by  carefully 
scrutinizing  each  provider’s 
virtualization  architecture. 

“Try  to  figure  out  what 


type  of  attack  vectors  could 
possibly  be  used,”  he  ad¬ 
vises.  “By  looking  at  how 
things  are  architected,  you 
can  find  out  quite  a  bit  about 
potential  vulnerabilities.” 

REALITY  CHECK 

Not  all  IT  managers  are  los¬ 
ing  sleep  over  virtualization 
security.  Some  feel  that  the 
issue  is  being  hyped.  They 
say  that  critics  overlook  the 
fact  that  most  vulnerabili¬ 
ties  are  addressable  and  that 
many  adopters  are  simply 
using  virtualization  to  save 
money  by  consolidating 
low-priority  —  and  low-risk 
—  tasks. 

Nicholas  Tang,  vice  presi¬ 
dent  of  technology  opera¬ 
tions  at  Interactive  One,  the 
online  division  of  the  U.S.’s 
largest  African-American 
radio  network,  says  he  be¬ 
lieves  that  as  long  as  critical 
data  isn’t  sent  into  a  virtual- 


We  weren’t 
thinking  from 
the  standpoint  of 
designing  our  virtual 
environment  any 
differently  from  our 
physical  environ¬ 
ment.  That  was  a 
mistake,  and  we’ve 
learned  from  that. 

DIRECTOR  OF  ACADEMIC 
COMPUTING  AND  TECHNOLOGY, 
ARKANSAS  TECH  UNIVERSITY 


ized  environment,  virtual¬ 
ization  requires  no  special 
security  protections. 

“We  treat  [virtualized 
servers]  like  standard  serv¬ 
ers  and  take  standard  good- 
practice  measures,  but  noth¬ 
ing  specific  to  the  virtualized 
environment,”  says  Tang, 
who  uses  Oracle  VM  tech¬ 
nology  to  consolidate  lightly 
loaded  servers,  such  as  slave 
DNS  and  utility  servers. 

Yet  Scott  Crawford, 
security  and  risk  manage¬ 
ment  research  director  at 
Enterprise  Management  As¬ 
sociates  Inc.,  a  technology 
research  firm  in  Boulder, 
Colo.,  warns  that  it’s  still 
important  not  to  be  lulled 
into  a  false  sense  of  security, 
since  no  enterprise  wants 
to  invite  an  attack  or  intru¬ 
sion,  even  if  the  tasks  being 
virtualized  are  relatively 
minor.  “Nobody  wants  to  be 
a  victim  and  to  have  to  clean 
up  a  mess,”  he  says. 

Milligan  agrees.  “Virtu¬ 
alization  is  a  very  exciting 
technology  that  offers  IT 
managers  a  better  way  to 
manage  some  of  their  sys¬ 
tems,”  he  says.  “But  don’t  get 
too  excited  over  the  benefits 
and  look  past  the  security. 
That  could  be  dangerous.”  ■ 
Edwards  is  a  freelance 
writer  in  Gilbert,  Ariz. 
Contact  him  at  jedwards@ 
gojohnedwards.com. 


VIRTUALIZATION’S 
SOFT  SPOTS 


Gartner  analyst  Neil  Mac¬ 
Donald  identifies  eight 
areas  of  potential  weak¬ 
nesses  in  virtualized  envi¬ 
ronments: 

■  Virtualization  software, 
such  as  hypervisors,  which 
represent  a  new  layer  of 
privileged  software  that 
could  be  attacked  and  must 
be  protected. 

■  Loss  of  separation  of  du¬ 
ties  for  administrative  tasks, 
which  can  lead  to  a  break¬ 
down  of  defense  in  depth. 

■  Kludgy  processes  for 
patching,  signature  updates 
and  protection  from  tamper¬ 
ing  for  offline  VM  and  VM 
“appliance”  images.  The 
process  for  developing, 
testing  and  certifying  fixes 
is  lengthy  and  cumbersome, 
leaving  systems  vulnerable. 


■  Patching  and  secure 
confirmation  management 
of  VM  appliances  where  the 
underlying  operating  system 
and  configuration  aren’t  ac¬ 
cessible,  making  it  difficult  for 
users  to  secure  their  environ¬ 
ments  without  vendor  help. 

■  Limited  visibility  into 
the  host  operating  system 
and  virtual  network  to  find 
vulnerabilities  and  assess 
proper  configuration. 

■  A  restricted  view  into 
traffic  among  VMs  for 
inspection  by  intrusion- 
prevention  systems. 

■  Mobility.  Mobile  VMs  will 
require  security  policies  and 
settings  to  mitigate  risk. 

■  Immature  and  incom¬ 
plete  security  and  manage¬ 
ment  tools. 

-  JOHN  EDWARDS 
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■  COMPUTERWORLD  HONORS 


Innovative  software  brings 
diagnostic  cardiac  care  to 
remote  villages  in  India. 

By  Mary  K.  Pratt 


ILLIONS 
of  people 
live  in  pov¬ 
erty  in  the 
vast  rural 
regions  of  India’s  Andhra 
Pradesh  state.  The  country’s 
tech  revolution  and  subse¬ 
quent  economic  boom  ap¬ 
parently  passed  them  over. 

But  the  Byrraju  Founda¬ 
tion  had  faith  in  technology 
and  its  ability  to  transform 
lives,  even  in  the  remote 
reaches  of  India. 

The  foundation  aims  to 
help  build  self-reliant  rural 
communities  by  providing 
a  variety  of  comprehensive 
services,  including  health 
care,  education,  environ¬ 
mental  programs  and  the 
delivery  of  clean  water.  And 
its  work  harnesses  IT  to  de¬ 
liver  increasingly  complex 
services,  such  as  virtual 
medical  consultations  and, 
now,  virtual  electrocardio¬ 
grams  and  cardiac  diagno¬ 
ses. 

“There  was  a  crying 
need  that  wasn’t  being  met 
at  the  village  level.  But  we 
realized  if  we  could  not  get 
the  patient  and  the  doctor 


together  in  the  village,  we 
could  take  the  patient  virtu¬ 
ally  to  a  doctor  in  the  city,” 
says  Verghese  Jacob,  head  of 
the  foundation.  “This  was 
precisely  the  intervention 
we  needed.” 

The  Computerworld 
Honors  program  named  the 
foundation  the  winner  in 
the  category  for  nonprofit 
organizations,  for  its  inno¬ 
vative  use  of  technology  to 
deliver  electrocardiograms, 
or  EKGs,  to  rural  Indians. 

The  foundation  first  fo¬ 
cused  on  providing  primary 
health  care  to  rural  com¬ 
munities  before  launching 
other  initiatives  designed  to 
improve  the  lives  of  impov¬ 
erished  villagers. 

Although  these  programs 
have  reached  many  —  to 
date,  they’ve  helped  more 
than  3  million  people  in 
nearly  200  villages  —  the 
Byrraju  Foundation  saw 
opportunities  to  do  more, 
particularly  when  it  came 
to  providing  critical  health 
care  services. 

The  foundation  already 
had  doctors  and  nurses 
working  in  the  villages,  but 
Jacob  says  many  villagers 
required  specialized  care 


We  realized 
if  we  could 
not  get  the  patient 
and  the  doctor 
together  in  the  vil¬ 
lage,  we  could  take 
the  patient  virtu¬ 
ally  to  a  doctor  in 
the  city. 

HEAD  OF 

THE  BYRRAJU  FOUNDATION 
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AT  A  GLANCE 


The  Byrraju 
Foundation 

HYDERABAD,  INDIA 

The  Byrraju  Foundation  was 
established  in  2001  in  memory 
of  the  late  Byrraju  Satyana- 
rayanaRaju,  founder  of  the 
Satyam  group  of  companies.  It 
is  a  nonprofit  organization  that 
provides  a  range  of  services 
to  help  communities  in  rural 
India  become  self-reliant.  The 
foundation  has  helped  more  than 
3  million  people  in  185  villages  in 
the  state  of  Andhra  Pradesh.  It 
has  1,200  employees  and  11,000 
volunteers,  90%  of  whom  live 
in  the  villages.  It  spends  more 
than  $8  million  (U.S.)  on  projects 
annually;  of  that  total,  $3  million 
comes  from  trustees,  and  the  rest 


is  from  external  agencies,  the 
government  and  user  charges. 

PROJECT  CHAMPIONS: 

Joseph  Thomas,  who  leads  IT 
at  the  foundation;  Dr.  Srinivas 
K.  Iyengar,  lead  partner  and 
integrator  for  the  foundation’s 
health  module;  and  IT  project 
lead  B.  Swami  Nathan  of  Satyam 
Computer  Services  Ltd. 

IT  EMPLOYEES:  The  founda¬ 
tion  employs  about  a  dozen  IT 
workers  and  uses  Satyam  con¬ 
sultants  for  additional  support. 

ROI:  The  foundation  doesn’t 
look  at  dollar  returns.  Its  real  ROI 
comes  from  providing  medical 
services  to  patients  who  would 
otherwise  have  difficulty  access¬ 
ing  such  care  because  of  geo¬ 
graphical  and  financial  barriers. 


that  they  could  receive  only 
in  distant  cities. 

More  specifically,  many 
villagers  needed  cardiac 
care.  A  significant  number 
of  them  had  diabetes,  hyper¬ 
tension  and  other  heart- 
related  conditions,  and  they 
had  to  travel  hundreds  of 
miles  to  urban  hospitals  for 
EKGs  and  follow-up  consul¬ 
tations  with  cardiologists. 
Such  trips  could  cost  $25 
or  more  and  generally  took 
several  days  —  daunting 
prospects  for  people  whose 
family  incomes  are  often 
$1  a  day. 

“The  result  was  that 
unless  it  was  absolutely 
necessary,  they  postponed 
going  to  the  doctor,”  says 
Dr.  Srinivas  K.  Iyengar, 
lead  partner  and  integrator 
for  the  foundation’s  health 
module. 

Although  the  Byrraju 
Foundation  already  had 
some  videoconferencing 
equipment  to  link  rural 
health  clinics  to  urban  hos¬ 
pitals,  Jacob  says  foundation 


officials  believed  that  villag¬ 
ers  needed  more  than  vir¬ 
tual  consultations.  To  meet 
that  need,  the  foundation 
expanded  its  telemedicine 
program  in  2007  beyond 
consultations  to  diagnostics 
as  well. 

Today,  the  foundation 
has  the  capacity  to  per¬ 
form  EKGs  on  villagers  in 
its  rural  health  clinics  and 
transmit  the  data  to  cardi¬ 
ologists,  who  then  consult 


via  teleconference  with  the 
patient  —  all  at  a  fraction  of 
the  time  and  money  it  would 
take  to  provide  the  same 
services  face  to  face. 

Nurses  in  the  villages 
connect  probes  from  a  com¬ 
puter  to  a  patient  to  perform 
the  EKG.  When  the  test 
is  completed,  a  Tele-EKG 
application,  developed  by 
Satyam  Computer  Services 
Ltd.  and  SN  Informatics 
Pvt.,  sends  the  results  to 
Narayana  Hrudayalaya,  a 
Bangalore  hospital  special¬ 
izing  in  cardiac  treatment. 
Within  15  minutes,  a  car¬ 
diologist  provides  analysis 
and  recommendations  for 
treatment  or  follow-up  care. 

Approximately  5,000 
people  have  already  under¬ 
gone  these  virtual  tests  and 
consultations,  Jacob  says. 

Villagers  are  pleased  to 
have  this  service  available 
to  them,  says  Dr.  K.  Sivaji, 
a  medical  officer  at  the 
Byrraju  Foundation.  They 
recognize  the  importance  of 
having  easy  access  to  poten¬ 
tially  life-saving  EKGs,  and 
Sivaji  says  he  believes  such 
services  should  be  part  of 
every  health  center  that  the 
foundation  establishes. 

The  foundation’s  success 
hasn’t  escaped  the  notice  of 
other  humanitarian  organi¬ 
zations. 


of  the  cost 
of  travel],  unless 
it  was  absolutely 


poned  going  to 
the  doctor. 


LEAD  PARTNER 
AND  INTEGRATOR  FOR  THE 
FOUNDATION'S  HEALTH 
MODULE 


“The  initial  good  re¬ 
sponse  to  the  telemedicine 
work  has  resulted  in  further 
piloting  of  a  more  scalable 
model  making  use  of  data 
cards  on  mobile  platforms,” 
says  John  Borgoyary,  pro¬ 
gram  officer  at  the  New 
Delhi-based  poverty  unit  of 
the  United  Nations  Develop¬ 
ment  Programme.  UNDP 
India  has  helped  finance 
two  of  the  foundation’s  in¬ 
formation  and  communica¬ 
tions  technology  projects 
for  development. 


TAKING  THE  NEXT  STEP 

The  Byrraju  Foundation 
already  had  a  strong  base 
from  which  to  build  when 
it  started  its  EKG  initiative. 
It  had  provided  its  health 
centers  with  medical  equip¬ 
ment,  nurses  and  doctors. 
The  group  had  installed 
teleconferencing  equipment 
in  many  centers  so  its  rural 
health  care  workers  could 
consult  with  doctors  at  ur¬ 
ban  hospitals. 

“Then  we  figured  we 
could  use  the  telemedicine 
for  diagnostics.  If  you  con¬ 
nect  probes  from  the  com¬ 
puter  to  the  patient,  the  EKG 
can  be  sent  to  cardiologists 
in  the  city,  and  then  both  the 
doctor  and  the  patient  can 
see  and  talk  to  each  other,” 
Jacob  says. 

To  coordinate  this  cardiac 
care  between  villagers  and 
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city  doctors,  the  founda¬ 
tion  needed  hardware  and 
software  that  was  reliable, 
functional  and  user-friendly, 
says  Joseph  Thomas,  who 
leads  IT  at  the  Byrraju 
Foundation. 

The  foundation  opted 
for  a  Satyam  application 
that  provides  real-time 
collaboration  through  IP- 
based  videoconferencing. 
The  point-to-multipoint 
videoconferencing  system 
is  installed  in  more  than 
30  villages.  According  to 
foundation  officials,  this 
software  is  less  expensive 
and  more  flexible  than 
older,  hardware-based  video- 
conferencing. 

The  system  works  on  a 
broadband  wireless  network 
based  on  802.11b/g  tech¬ 
nology,  Thomas  says.  The 
foundation  built  it  with  Me¬ 
dia  Lab  Asia. 

Thomas  says  the  founda¬ 
tion’s  IT  staff,  along  with  Sa¬ 
tyam  consultants,  developed 
the  software  to  make  all  the 
pieces  work  together. 

B.  Swami  Nathan,  Saty- 
am’s  IT  point  person  for  the 
Byrraju  Foundation  project, 
says  the  system  consists  of 
data-processing  hardware 
and  software  at  both  the 
patient  and  doctor  locations 
and  essential  diagnostic 
instruments,  including  the 
EKG  machines  themselves. 
The  foundation  chose  EKG 
equipment  from  Schiller  AG 
in  Baar,  Switzerland. 

A  server  in  a  central  site 
functions  as  the  main  data 
repository  and  controls  the 
various  patient  locations. 

It  processes  data,  images 
and  video  in  accordance 
with  health  care  standards. 
Patients  and  doctors  then 
communicate  through  IP- 
based  technology,  Nathan 
explains. 

It’s  a  project  that  could 
be  done  only  through  IT,  he 
adds.  “Though  the  cardiac 


Patient  arrives 
at  Ashwlni 
Clinic  (referred 
from  village). 


Follow-up  care 
is  provided 
through 
Ashwini  Clinic. 


Basic  details,  history, 
observations  and  tests 
are  captured. 


In  the  case  of  an  advanced 
diagnosis,  patient  gets 
consultation/admission 
at  a  hospital. 


Patient  vitals  are  measured 
and  digital  EKG  is  taken  by 
trained  health  care  workers 
and  sent  to  referral  centers. 


Referral  center  responds 
with  EKG  interpretation 
within  five  to  10  minutes 
and  suggests  next  steps. 


SOURCE:  THE  BYRRAJU  FOUNDATION 


hospital  provided  its  servic¬ 
es  gratis,  the  hardware  and 
software  enabled  interpreta¬ 
tion  of  patients’  EKGs  from 
remote  locations,  using  the 
Internet  as  the  key  enabler,” 
Nathan  says. 


LAST-MILE  OBSTACLES 

But,  as  with  most  technol¬ 
ogy  implementations,  the 
foundation  faced  challenges 
in  delivering  its  virtual 
medical  system,  Jacob  says. 
And  it  still  faces  challenges 
maintaining  it. 

In  some  areas,  for  ex¬ 
ample,  the  foundation  had 
to  provide  the  last  mile  of 
connectivity.  “The  informa¬ 
tion  highway  is  still  [being 
built]  in  India.  We  looked  at 
the  nearest  fiber-optic  links, 
and  if  it  was  close  to  the  vil¬ 
lage,  we  could  build  it  out; 
if  not,  we  did  mobile,”  Jacob 
explains. 

Meanwhile,  the  founda¬ 
tion  has  to  contend  with  oc¬ 
casional  blackouts,  network 
outages  and  fluctuations  in 


We  looked 
.*■.  at  the  near¬ 
est  fiber-optic 


was  close  to  the 
village,  we  could 
build  it  out;  if  not, 
we  did  mobile. 
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THE  BYRRAJU  FOUNDATION 


bandwidth,  Jacob  says. 

Despite  these  obstacles, 
the  foundation  remains 
committed  to  implementing 
EKG  services  at  as  many  ru¬ 
ral  health  centers  as  it  can. 
As  of  the  fall,  the  foundation 
offered  those  services  in  46 
centers,  with  most  using 
broadband  and  others  us¬ 
ing  Indian  Space  Research 
Organization  satellite  con¬ 
nections. 

Jacob  says  he  expects  that 
80  health  centers  will  soon 
offer  telemedicine  services, 
including  EKG  diagnostics. 

In  the  future,  Thomas 
says,  the  foundation  should 
benefit  from  the  explosive 
expansion  of  India’s  mobile 
telecommunications  infra¬ 
structure.  He  adds  that  the 
foundation  should  be  able 
to  extend  telemedicine  and 
telediagnostics  capabili¬ 
ties  to  centers  using  mobile 
phones  rather  than  building 
out  the  last  mile  of  land- 
based  connectivity. 

As  the  expansion  contin¬ 
ues,  the  foundation  plans 
to  offer  additional  virtual 
diagnostic  services  using  kits 
of  medical  equipment  and 
computer  hardware  and  soft¬ 
ware  from  Neurosynaptic 
Communications  Pvt.  in  Kar¬ 
nataka,  India,  Thomas  says. 

To  do  that,  foundation 
workers  are  already  plan¬ 
ning  strategies  for  dealing 
with  the  challenges  they  en¬ 
countered  implementing  the 


EKG  offering.  Thomas  says 
the  new  diagnostic  kits  will 
be  able  run  on  renewable 
energy  and  backup  batter¬ 
ies  in  case  the  health  clinics 
lose  power. 

Setting  up  the  IT  in¬ 
frastructure  and  Schiller 
EKG  equipment  costs  ap¬ 
proximately  $6,000  (U.S.) 
per  health  care  center,  with 
most  costs  going  toward 
hardware  and  connectivity, 
Jacob  says. 

The  foundation  doesn’t 
invest  in  technology  for 
financial  gain,  of  course, 
but  Jacob  says  the  financial 
results  are  telling.  Because 
the  costs  are  relatively  low, 
he  says,  the  foundation  can 
break  even  in  less  than  a 
year  —  even  if  it  charges  pa¬ 
tients  only  $1  each. 

But  the  real  return,  Jacob 
says,  is  seeing  the  social 
gains  made  in  villages  be¬ 
cause  of  the  technology.  He 
says  more  and  more  villag¬ 
ers  are  now  getting  the  care 
they  need;  in  some  cases, 
the  technology  is  even  pro¬ 
longing  and  saving  lives. 

“Every  person  should 
have  access  to  the  best 
health  care.  It  should  be  a 
universal  right,”  Thomas 
says.  “And  technology  con¬ 
nectivity  solutions  can  be 
used  to  bring  this  about.”  ■ 
Pratt  is  a  Computerworld 
contributing  writer  in 
Waltham,  Mass.  Contact  her 
at  marykpratt@verizon.net. 
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Your  IT  challenges 
come  in  all  sizes. 

So  do  our  solutions. 


From  power  outages  to  downed  email,  SunGard  is  there  to  keep  it  all  flowing. 
What  makes  10,000  customers  trust  and  depend  on  SunGard?  A  30-year 
history  of  doing  it  right. 

With  the  widest  range  of  Information  Availability  services  in  the  industry, 
SunGard  offers  the  solutions  to  cover  it  all— no  matter  what  the  availability 
requirement,  from  production  to  recovery.  SunGard's  infrastructure  has 
redundancies  at  every  level— we’ve  invested  so  you  don’t  have  to.  At  SunGard, 
we  know  you  need  higher  levels  of  availability,  and  we  deliver.  So  leave  your 
worries  to  us. 


To  leam  more  about  how  to  keep  your  people  and  information  connected, 
visit  www.availability.sungard.com/sg2  or  call  1  -866-531-3407. 


AdvancedRecoverySM  with  a  100%  recovery  record 
and  a  breadth  of  services  offered 

AdvancedHostingSM  with  over  2,000  customers 
and  34  production  facilities  with  a  range  of  managed 
IT  services 

Consulting  with  more  than  100.000  action  \. 
plans  delivered 


SUNGARD 

Availability  Services 


■  SECURITY  MANAGER’S  JOURNAL  J.F.  RICE 

Layoffs  Put  Security 
On  the  Back  Burner 

Nearly  half  of  the  security  staff  is  being 
laid  off.  Will  a  bare-bones  team  be  able 

company’s  assets? 


to  protect  the 


r*"'"* . "f  HE  WORST 

has  happened. 
I  have  to  cut 
almost  half  of 
my  informa¬ 
tion  security  staff  because, 
in  this  economy,  the  com¬ 
pany  is  losing  money  faster 
than  anybody  anticipated. 
The  cuts  will  include  over 
a  third  of  our  global  IT 
department,  and  even  that 
may  not  be  enough.  We 
may  need  another  round 
of  layoffs  if  things  don’t  get 
better  soon. 

This  is  going  to  have 
a  devastating  impact  on 
our  ability  to  provide  ser¬ 
vices  to  the  company  and 
protect  its  assets.  With  a 
bare-bones  staff,  our  IT 
department  won’t  be  able 
to  roll  out  any  new  capa¬ 
bilities;  all  resources  will 
be  focused  on  keeping  our 
technological  lights  on.  It’s 
amazing  how  fast  things 
are  falling  apart.  At  this 
rate,  I’ll  be  lucky  if  there’s 
a  company  to  protect  by 
the  end  of  this  year. 

It’s  demoralizing.  De¬ 
spite  my  best  efforts,  I 
wasn’t  able  to  protect  my 
staff,  and  now  we’re  at  risk 
of  losing  ground  on  every¬ 
thing  we’ve  accomplished. 
We  spent  all  of  last  year 


establishing  our  fledgling 
information-security  pro¬ 
gram.  Things  were  starting 
to  look  up,  but  we  can  say 
goodbye  to  all  that  for  now. 

For  example,  we  fought 
an  uphill  battle  to  get  our 
IT  organization  onboard 
with  patching  our  servers, 
and  we  were  just  starting 
to  see  some  improvement. 
Previously,  our  servers  were 
not  being  patched  at  all. 
They  were  just  being  built, 
deployed  and  forgotten. 

Today,  about  20%  of  our 
servers  are  being  regu¬ 
larly  patched.  They  were 
the  lowest-hanging  fruit 
—  noncritical  servers  that 
were  low  risk.  We  were 
just  starting  to  address 
the  other  80%  of  our  serv¬ 
ers,  but  now  I  have  grave 
doubts  that  they  will  be 
on  a  regular  patch  cycle 
anytime  soon.  It’s  even 
possible  that  we’ll  be  un¬ 
able  to  maintain  the  patch- 

H  It’s  demoral¬ 
izing  Despite 
my  best  efforts, 

I  wasn’t  able  to 
protect  my  staff, 
and  now  we  risk 
losing  ground. 


ing  routine  we  fought  so 
hard  for. 

Given  the  gravity  of  our 
situation,  we  also  won’t 
be  able  to  keep  our  out¬ 
sourced  third-party  ser¬ 
vices.  And  my  decimated 
staff,  already  a  skeleton 
crew  before  the  layoffs  hit, 
isn’t  going  to  be  able  to 
pick  up  the  slack.  In  effect, 
we  simply  won’t  be  able  to 
do  much  of  anything  that 
an  information  security 
department  needs  to  do. 
Day-to-day  operations 
are  going  to  suffer,  and  I 
certainly  don’t  know  how 
we’ll  be  able  to  find  the 
time  to  design  security 
for  new  projects.  Oh  well, 
that’s  something  I  prob¬ 
ably  shouldn’t  worry  about 
too  much,  since  chances 
are  slim  that  there  will  be 
many  of  those  this  year. 
After  taking  one  long, 
challenging  step  forward, 
we’re  taking  two  big,  fast 
steps  backward. 

TOO  MANY  REGRETS 

I  wrote  in  an  earlier  in¬ 
stallment  of  this  column 
about  our  budget  not  in¬ 
cluding  funds  for  disaster 
recovery  for  new  applica¬ 
tions.  I  complained  might¬ 
ily  at  the  time,  but  that 


Trouble 

Ticket 

AT  ISSUE:  Layoffs  are 
ordered,  and  there’s  no 
guarantee  that  there  won’t 
be  more. 


ACTION  PLAN:  Take  stock 
of  what  the  smaller  team 
can  still  manage  to  do. 

now  seems  like  one  of  my 
lesser  worries.  Again,  how 
many  applications  will  our 
overtaxed  IT  department 
be  rolling  out  this  year? 

But  this  situation  car¬ 
ries  other  regrets  for  me. 
Prevention  of  data  leak¬ 
age,  which  is  something 
this  company  desperately 
needs,  will  have  to  go  on 
the  back  burner  because 
we  can’t  afford  to  work  on 
something  like  that  right 
now.  Third-party  security 
audits  are  out  the  window, 
as  are  any  other  new  ca¬ 
pabilities  that  have  a  price 
tag  attached  to  them. 

Worst  of  all,  of  course,  is 
dismantling  my  top-notch 
security  team,  which  I 
painstakingly  built  up  over 
the  past  18  months  and 
staffed  with  great  people. 
Some  will  stay,  but  many 
must  go.  It’s  one  of  the 
most  painful  decisions  a 
manager  has  to  make. 

I’ve  been 
through  this  sort 
of  thing  before, 
but  that  doesn’t 
make  it  any 
easier.  In  fact,  it 
affected  me  so 
much  last  time  that  I  swore 
off  management  for  sever¬ 
al  years.  This  is  a  situation 
I  wouldn’t  wish  on  anyone. 
Let’s  hope  things  get  better 
before  they  get  worse.  ■ 
This  week’s  journal  is 
written  by  a  real  security 
manager,  “J.F.  Rice,”  whose 
name  and  employer  have 
been  disguised  for  obvious 
reasons.  Contact  him  at 
jf.rice@engineer.com. 
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STATUS  QUO  SOLUTIONS 


NO  CONTEST 


Traditional  network  and  data  protection 
providers  resist  advancement.  They  stick  to  the 
status  quo,  no  matter  how  primitive  it  becomes. 
But  now,  there’s  a  more  evolved  solution 
provider.  SonicWALL®  enables  organizations  to 
move  ahead  with  a  comprehensive  line-up  that 
advances  both  protection  and  performance. 

■  SonicWALL’s  NSA  E7500  next  generation 
firewall  provides  a  major  breakthrough- 
full  Unified  Threat  Management  protection 
along  with  1,288  Mbps  in  network  throughput. 

■  SonicWALL  Aventail  E-Class  Secure  Remote 
Access  delivers  best-in-class  access  along 
with  the  status  quo  disrupting  ability  to  easily 
establish,  manage,  and  enforce  real  granular 
control  over  every  endpoint. 

SonicWALL  CDP  makes  tape  backup  and 
recovery  look  prehistoric  with  the  only 
end-to-end,  automatic,  disk-based  offering 
for  both  data  and  systems  and  flexible 
disaster  recovery  options. 

»  SonicWALL  Email  Security  delivers  best- 
in-class  protection  against  spam  and 
other  email  threats  like  phishing,  and  can  be 
deployed  in  minutes  and  maintained  in 
minutes  a  week.  That’s  a  level  of  simplicity 
that  the  status  quo  can’t  touch. 


■  SonicWALL  Global  Management  System 
provides  a  flexible,  powerful,  intuitive,  and 
civilized  way  to  manage  and  deploy  SonicWALL 
appliances  and  security  policy  configurations. 


Learn  more  about  SonicWALL’s  advancements 
in  high-performance  protection  VS  the  status 

quo  at  www.sonicwall.com/performance 
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■  OPINION 


Google:  The  Next 
Evil  Empire? 

AMONG  MANY  of  the  tech  cognoscenti,  Microsoft 
has  been  portrayed  much  like  the  evil  Galactic  Em¬ 
pire  in  Star  Wars :  a  tyrannical  regime  bent  on  con¬ 
quering  the  universe  for  its  own  nefarious  ends. 


Google,  on  the  other 
hand,  has  been  seen  as 
having  the  spirit  of  a 
can-do  band  of  rebels, 
relying  on  its  guile  and 
innate  goodness  to  fight 
the  evil  empire. 

My,  how  times  have 
changed. 

Today,  Google  re¬ 
sembles  no  company  so 
much  as  it  does  Microsoft 
in  its  global  ambitions,  its 
clear-eyed  focus  on  the 
bottom  line  and  —  for 
the  first  time  —  a  host 
of  critics  who  fear  that 
the  company’s  reach  has 
grown  too  long,  its  grip 
on  the  market  too  strong. 

In  fact,  fears  about 
Google’s  market  power 
have  grown  so  mark¬ 
edly  that  sometime  in  the 
next  four  years,  you  may 
well  see  an  antitrust  suit 
launched  against  Google 
by  the  U.S.  Department 
of  Justice  to  rein  in  the 
power  of  the  Silicon  Val¬ 
ley  search  king. 

To  understand  why 
Google  may  be  the  target 
of  an  antitrust  suit,  lis¬ 
ten  to  Christine  Varney, 


nominated  by  President 
Barack  Obama  to  be  as¬ 
sistant  attorney  general 
for  antitrust  at  the  Justice 
Department  —  in  other 
words,  the  nation’s  next 
antitrust  czar. 

On  June  19, 2008,  well 
before  the  election,  Var¬ 
ney  participated  in  a  panel 
discussion  sponsored  by 
the  American  Antitrust 
Institute.  According  to  the 
Bloomberg  news  service, 
she  warned  that  Google, 
not  Microsoft,  presents 
the  greatest  antitrust  dan¬ 
ger  in  the  21st  century. 

“For  me,  Microsoft 
is  so  last  century.  They 
are  not  the  problem,” 
she  said,  adding  that  our 
economy  will  “continu¬ 
ally  see  a  problem  —  po¬ 
tentially  with  Google,” 
because  it  “has  acquired 
a  monopoly  in  Internet 
online  advertising.” 

Varney  warned  that 

■  Today,  Ooogle 
resembles  no  com¬ 
pany  so  much  as  it 
does  Microsoft. 


Google  may  present 
other  dangers  as  well, 
particularly  in  cloud 
computing.  The  company 
is  “quickly  gathering 
market  power  in  what 
I  would  call  an  online 
computing  environment 
in  the  clouds,”  she  said. 

Lest  anyone  miss  her 
point  about  Google,  Var¬ 
ney  added,  “When  all  our 
enterprises  move  to  com¬ 
puting  in  the  clouds  and 
there  is  a  single  firm  that 
is  offering  a  comprehen¬ 
sive  solution,  you  are  go¬ 
ing  to  see  the  same  repeat 
of  Microsoft.” 

To  drive  home  her 
point,  she  said  that  in  the 
same  way  that  compa¬ 
nies  complained  about 
Microsoft’s  domination 
in  the  days  before  the 
antitrust  suit  against  it, 
“there  will  be  companies 
that  will  begin  to  allege 
that  Google  is  discrimi¬ 
nating”  against  them  by 
“not  allowing  their  prod¬ 
ucts  to  interoperate  with 
Google’s  products.” 

This  is  not  idle  talk. 
Varney  has  long  experi¬ 


ence  with  antitrust  suits 
and  technology.  In  fact, 
she  was  a  lobbyist  for 
Netscape  and  pushed 
President  Clinton’s  Jus¬ 
tice  Department  to  sue 
Microsoft  for  violations 
of  antitrust  laws. 

Before  that,  she  had 
been  a  member  of  the 
Federal  Trade  Com¬ 
mission  under  Clinton. 
While  there,  she  was  a 
vocal  proponent  of  online 
privacy,  calling  for  indus¬ 
try  privacy  standards  and 
for  the  government  to  in¬ 
crease  its  enforcement  of 
privacy  laws.  Given  that 
many  people  fear  that 
Google  has  amassed  far 
too  much  private  infor¬ 
mation  about  Internet  us¬ 
ers,  this  isn’t  good  news 
for  the  company. 

There’s  no  guaran¬ 
tee  that  there  will  be  a 
Google  antitrust  suit,  of 
course.  Varney  made  her 
statements  before  she 
was  nominated  to  be  the 
country’s  antitrust  chief. 
She  may  well  change  her 
mind  once  she  starts  her 
new  job. 

On  the  other  hand,  if  I 
were  a  Google  executive, 
there’s  one  place  where 
I’d  be  hiring  instead  of 
cutting  back:  the  legal 
department.  ■ 

Preston  Gralla  is  a  contrib¬ 
uting  editor  to  Computer- 
world.com  and  the  author 
of  more  than  35  books,  in¬ 
cluding  How  the  Internet 
!  Works  (Que,  2006). 
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Z  v  v  late  60s  who 

were  working  in 
2006,  up  from 

18%  in  1985,  according  to  the  Bureau  of  Labor  Statistics. 
The  BLS  also  says  that  over  the  next  decade,  the  number  of 
workers  55  and  older  is  expected  to  rise  at  more  than  five 
times  the  rate  of  the  overall  workforce. 
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QUESTIONING 
THE  QUESTIONERS 


At  least  15%  of 
the  respondents 
to  a  survey  con¬ 
ducted  last  year 
identified  the  following  questions  as  among  the  most 
annoying  they  are  asked  during  job  interviews: 


‘What  are  your  worst  traits?” 

‘What  would  you  say  is  your  worst  quality?” 
‘What’s  the  biggest  mistake  you’ve  ever  made?’ 
‘What  are  your  flaws  and  failings?” 

‘What  irritates  you  about  co-workers?” 


Respondents  also  identified  questions  they  wished  they 

would  be  asked  during  interviews,  including: 

■  “How  can  your  specific  experience  benefit  us?” 

■  “Describe  the  skills  and  talents  you  have 
that  will  help  us.” 

■  “What  can  you  bring  to  this  organization 
to  improve  it?” 

■  “In  a  nutshell,  if  we  hire  you,  what  will  you  bring 
of  value  to  this  organization?” 


SOURCE:  2008  HYRIAN  SURVEY  OF  JOB  CANDIDATES;  OF  THE  231  RESPON¬ 
DENTS,  12%  LISTED  IT  AS  THEIR  JOB  CATEGORY  OF  HIGHEST  INTEREST 


dean,  “The  School  of  Business, 
Management  and  Professional  Stud¬ 
ies  looks  to  these  innovative,  well- 
informed  leaders  for  new  program 
directions,  modifications  to  our  exist¬ 
ing  offerings  to  address  current  busi¬ 
ness  needs,  and  to  help  us  to  provide 
the  most  valuable  and  relevant  edu¬ 
cation  possible  to  our  students.” 

What  IT  executive  feedback 
has  helped  develop  the  curric¬ 
ulum?  The  MBA  in  technology  and 
innovation  leadership  promises  to 
be  one  of  the  school’s  flagship  MBA 
offerings,  Parmenter  says,  since  it 
addresses  unfulfilled  needs  in  today’s 
business  environments.  The  program 
came  about  with  input  from  members 
of  the  school’s  advisory  council. 

The  curriculum  will  include  a  core 
of  proven  management  courses, 
plus  five  new  offerings;  economics 
of  technological  change,  e-business 
and  entrepreneurship,  techno¬ 
logical  innovation  management  and 
strategies,  new  product  design  and 
development,  and  advanced  human 
resource  management. 


The  advisory  council  and  an 
SBMPS  task  force  have  made  a 
number  of  recommendations  for 
both  the  undergraduate  MIS  degree 
program  and  the  new  MBA  pro¬ 
gram.  Offerings  that  have  resulted 
or  are  currently  being  implemented 
include  project  management,  social 
networking  and  strategic  manage¬ 
ment  of  technological  innovations. 

“In  addition,"  says  Parmenter,  “as 
we  develop  new  programs  such  as  an 
MBA  in  health  information  manage¬ 
ment,  we  expect  the  board  will  con¬ 
tinue  to  play  a  very  important  role.” 

Is  there  a  review  process  by 
which  the  advisory  council 
monitors  the  curriculum  to  en¬ 
sure  that  it’s  current  and  rel¬ 
evant?  The  SBMPS  is  developing  a 
review  process  for  all  programs  and 
courses  within  the  programs.  “Given 
that  our  advisory  board  is  significantly 
made  up  of  industry/business  lead¬ 
ers,  as  well  as  entrepreneurs  and 
venture  capitalists,”  says  Parmenter, 
“their  recommendations  are  wel¬ 
come  and  valuable." 
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Business  Meets 
Academia 


How  U.S.  colleges  and  universities  are  working  with  the 
private  sector  to  develop  next-generation  IT  leaders. 


Number  of  degrees  awarded  in 
spring  2008:  Undergraduate:  177; 
graduate  (MBA);  42 


Daniel  Webster  College  School 
of  Business,  Management 
and  Professional  Studies 
(SBMPS),  Nashua,  N.H. 


Does  Daniel  Webster  have 
an  IT  advisory  council?  The 

SBMPS  has  an  advisory  council  that 
addresses  all  of  its  programs,  includ¬ 
ing  the  MIS  undergraduate  degree 
program  and  the  MBA  in  technology 
and  innovation  leadership.  The  ad¬ 
visory  council,  which  is  made  up  of 
industry  leaders  and  entrepreneurs, 
provides  insight  and  commentary 
on  existing  programs  as  well  as  the 
future  direction  of  the  school.  Council 
members  include  industry  arid  busi¬ 
ness  leaders  such  as  Richard  “Dick” 
Morley  of  R.  Morley  Inc.  and  Robert 
Good  of  Good  Leads. 

Says  Neil  Parmenter,  SBMPS 
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placing  legal  or 
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time-consuming  task  a 
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APPLICATION  SUPPORT 
ANALYST  (Finance)  -  Greif, 
Inc.,  has  2  openings  in 
Delaware,  Ohio.  Support  Baan 
Enterprise  Resource  Planning 
(ERP)  applications  in  a  multi¬ 
site  environment.  Req’s  BS  in 
Computer  Science,  Finance  or 
Accounting,  or  equiv.  and  3 
years,  including  Baan 
Enterprise  Resource  Planning 
(ERP)  Finance  applications, 
Sarbanes-Oxley  audit  expe¬ 
rience,  and  integrating  manufac¬ 
turing,  warehousing,  and  other 
modules  with  the  Baan  ERP 
Finance  Module.  Apply  to  Tracy 
Parsons  at  425  Winter  Road, 
Delaware,  Ohio  43015. 
Reference  job  title  in  cover  let¬ 
ter.  EOE. 


With  35  branch  offices  located 
across  the  US,  COMSYS  is 
actively  recruiting  for  the  follow¬ 
ing  positions. 

SAS  Programmer-  metro 
Deerfield,  1L-  Code  #  DE100 
Programmer  Analsyt-  metroRich- 
mond,  VA  Code  #  RI180 

Programmer  Analyst-  metro 
Cleveland,  OH-  Code  #  WI120 
Programmer  Analyst-  metro 
Greensboro,  NC  -  Code  #  GR1 00 
Software  Engineer-  metro  Portland, 
OR-  Code  #  BE140  Roving 
employment  to  varying  jobsites 
throughout  the  US.  Please  refer 
to  appropriate  job  code  when 
submitting  resume  to:  COMSYS, 
Attn.  Nancy  Theriault,  15455  N. 
Dallas  Pkwy.,  Ste  300,  Addison, 
TX  75001.  EOE./MF/DV 


Sr.  Software  Developer  w/2  yrs 
exp.  Dsgn  &  dvlp  applic  s/ware 
using  .NET  technologies, 
C#.Net,  VB.Net,  ASP.Net, 
ADO. Net,  XML  &  XSL.  Dsgn 
RDBMS,  write  SQL  queries, 
stored  procedures,  PL/SQL 
blocks  using  Oracle  &  MS  SQL 
Server.  Dvlp  &  enhance  Unix 
Shell  Scripts  for  monitoring 
applies  using  C-Shell  &  Perl.  2 
yrs  exp  as  Support  Analyst  (IT) 
acceptable.  Mail  res  to:  Triple 
Point  Technology,  Inc.,  301 
Riverside  Ave.,  Westport,  CT 
06880  Job  loc:  Westport,  CT  or 
in  any  unanticipated  locations 
in  USA 


Didn’t  find  the 
IT  career 
that  you  were 
looking  for? 


Check  back  with  us  weekiy 
for  fresh  listings  placed 
by  top  companies 
looking  for  skilled 
professionals  like  you! 
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TRUE  TALES  OF  IT  LIFE  AS  TOLD  TO  SHARKY 


I 

I 

<  Straight  to  the  Point 

This  pilot  fish’s  new  respon¬ 
sibilities  include  editing  Visio 
files  that  come  from  clients 
and  colleagues.  Problem:  Fish 
has  an  older  version  of  Visio, 
so  he’s  constantly  going  to 
co-workers  to  convert  files. 
Solution:  Upgrade  fish’s  Visio 
-  a  plan  that  fish’s  manager 
promptly  approves.  But  a 
bean  counter  in  the  control¬ 
ler’s  office  balks.  “Bean 
counter  said  he  just  checked 
it  out,  and  there’s  a  free  Visio 
viewer  on  the  Microsoft  site,” 
says  fish.  “He  wanted  to  know 
if  I  could  use  the  free  viewer 
along  with  my  old  program 
to  do  what  I  needed  and  thus 
avoid  buying  a  newer  ver¬ 
sion.”  Fish’s  reply:  “Can  you 
please  help  me  understand 


how  I  can  implement  your 
idea  of  editing  files  using  a 
viewer?"  Reports  fish,  “I  got 
permission  to  go  ahead  and 
buy  a  license.” 

That  Would  Explain  It 

It’s  a  few  years  ago,  and  this 
pilot  fish  works  at  a  company 
that  prints  mortgage  docu¬ 
ments  for  home  loans.  “I  and 
another  fellow  worked  the 
graveyard  shift,”  fish  says, 
“inserting  the  documents 
into  daisy-wheel  printers, 
confirming  that  they  printed 
correctly  and  bundling  up  the 
completed  loan  packages  for 
delivery.  We  occasionally  had 
to  call  for  assistance  from  the 
programmers,  waking  them 
up  in  the  middle  of  the  night, 
and  they’d  walk  us  through 


various  restarts,  uploads  and 
other  highly  technical  -  to  us 
-  procedures.  One  evening, 

I  called  the  programmer  on 
call,  who  gave  me  a  proce¬ 
dure  to  do  at  the  server.  There 
was  no  phone  in  the  server 
room,  so  I  had  to  write  down 
the  directions,  hang  up  and 
spend  the  next  half  hour  try¬ 
ing  to  follow  the  directions. 
After  failing  for  the  last  time, 

I  called  the  programmer  back 
and  told  him  that  this  proce¬ 
dure  wasn’t  working.  The  pro¬ 
grammer  said  to  me,  ‘Yeah, 

I  know.  After  I  hung  up  with 
you,  I  realized  that  wasn’t 
what  you  needed  to  do . . ” 

Pick  One 

Pilot  fish  at  a  medical  claims 
clearinghouse  is  asked  to 
research  why  a  new  client 
isn’t  getting  reports  back.  “I 
looked  into  it  and  found  out 
that  their  claims  had  never 
been  loaded  into  our  system 
because  they  could  not  gener¬ 
ate  valid  claims  electroni¬ 
cally,”  says  fish.  “Because  of 


this,  we  would  not  generate 
reports.”  Fortunately,  there’s 
someone  who’s  specifically 
responsible  for  informing  IT 
about  any  new  clients  hav¬ 
ing  these  kinds  of  problems. 

And  who  is  that?  “Exactly  the 
same  person  who  requested 
that  I  look  into  why  the  client 
was  not  getting  the  reports,” 
grumbles  fish.  “So  -  two 
methods  to  find  out  what  is 
happening:  Open  a  help  desk 
ticket  and  make  three  people 
spend  over  an  hour  research¬ 
ing  the  claims  flow  or  look  at 
the  e-mail  that  he  created.” 

■  Feed  the  Shark!  Send  me 
your  true  tale  of  IT  life  at 
sharky@computerworld.com. 
You’ll  snag  a  snazzy  Shark 
shirt  if  I  use  it. 

O  NEED  TO  VENT  YOUR  SPLEEN? 

Toss  some  chum  into  the 
roiling  waters  of  Shark  Bait, 

It's  therapeutic! 

sharkbait.computerworld.com 

O  CHECK  OUT  Sharky’s  blog,  browse  the 
,  Sharkives  and  sign  up  for  Shark  tank  home  . 

deliveryatcomputerworld.com/sharky. 
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■  NORTHWESTERN  STATES 

■  BAY  AREA 
Program  Sales  Director 
Sandra  Gibson  (415)  978-3306 
Senior  Sales  Associate, 
Program  Sales 

Chris  Da  Rosa  (415)  978-3304 
Mailing  Address 
501  Second  Street,  Suite  114 
San  Francisco,  CA  94107 
Fax  (415)  543-8010 


;  ■  NEW  ENGLAND  STATES 
i  Program  Sales  Director 

J  Deborah  Crimmings  (508)  271-7110 

J  Senior  Sales  Associate, 

1  Program  Sales 

I  Jess  Roman  (508)  271-7108 
«  Mailing  Address 

!  P.O.Box 9171,1  Speen Street 
j  Framingham,  MA  01701 
i  Fax  (508)  270-3882 


■  METRO  NEW  YORK 

S  EASTERN  CENTRAL 
STATES/iNDIANA 


COMPUTERWORLD 

HEADQUARTERS 

P.O.  Box  9171, 1  Speen  Street 
Framingham,  MA  01701-9171 
(508)879-0700 
Fax  (508)  875-4394 


President/CEO 

Matthew  J.  Sweeney 
(508)271-7100 

Executive  Assistant  to 
the  President/CEO 

Diana  Cooper 
(508)820-8522 

Vice  President/Group  Publisher 
Program  Sales 

John  Amato 
(508)820-8279 

Vice  President/ 

General  Manager  Online 

Martha  Connors 
(508)620-7700 

Vice  President,  Marketing 

Matt  Duffy 
(508)820-8145 

Editor  in  Chief 

Scot  Finnie 
(508)628-4868 

Vice  President,  Custom  Content 

Bill  Laberis 
(508)820-8669 

Vice  President,  Human  Resources 

Julie  Lynch 
(508)820-8162 

Executive  Vice  President, 
Strategic  Programs 

Ronald  L.  Milton 
(508)820-8661 

Vice  President/Group  Publisher 
Computerworld.com 

Gregg  Pinsky 
(508)271-8013 

Executive  Vice  President/COO 

Matthew  C.  Smith 
(508)820-8102 


•  IDG 

International  Data  Group 
Chairman  of  the  Board 

Patrick  J.  McGovern 

CEO, 

IDG  Communications 

BobCarrigan 


Computerworld  is  a  business  unit 
of  IDG,  the  world's  leading  technol¬ 
ogy  media,  research  and  events 
company.  IDG  publishes  more  than 
300  magazines  and  newspapers 
and  offers  online  users  the  largest 
network  of  technology-specific 
sites  around  the  world  through 
IDG.net  ( www.idg.net ),  which 
comprises  more  than  330  targeted 
Web  sites  in  80  countries.  IDG 
is  also  a  leading  producer  of  168 
computer-related  events  worldwide, 
and  IDG's  research  company.  IDC, 
provides  global  market  intelligence 
and  advice  through  51  offices  in  43 
countries.  Company  information  is 
available  at  mw.idg.com. 
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Lauren  Guerra  (415)  978-3306 

Senior  Sales  Associate, 
Program  Sales 

Emmie  Hung  (415)  978-3308 

Mailing  Address 

501  Second  Street,  Suite  114 
San  Francisco,  CA  94107 
Fax  (415)  543-8010 


■  SOUTHEASTERN  STATES 
Program  Sales  Director 

Lisa  Ladle-Wallace  (904)  284-4972 
Mailing  Address 

5242  River  Park  Villas  Drive 
St.  Augustine,  FL  32092 
Fax  (800)779-8622 

Senior  Sales  Associate, 
Program  Sales 

Jess  Roman  (508)  271-7108 
Mailing  Address 

P.O.  Box  9171, 1  Speen  Street 
Framingham,  MA  01701 
Fax  (508)270-3882 


s  Program  Sales  Director 

|  Hal  Mentlik  (201)  634-2324 

j  Senior  Sales  Associate, 

•  Program  Sales 

!  John  Radzniak  (201)  634-2323 

| 

i  Mailing  Address 

J  650  From  Road,  Suite  225 
!  Paramus,  NJ  07652 
i  Fax  (201)  634-9289 
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J  Senior  Sales  Operations  Manager 

j  Dawn  Cora  (508)  820-8133 

! 

S 
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1  Director  of  Market  Intelligence 

|  Paul  Calento  (415)  978-3212 

l  Mailing  Address 

J  501  Second  Street,  Suite  114 
t  San  Francisco,  CA  94107 
5  Fax  (415)  543-8010 


CIRCULATION/DISTR1BUTION 

V/ipa  ProciHont 

Debbie  Winders  (508)  820-8193 

Circulation  Manager 

Diana  Turco  (508)  820-8167 

Distribution  and  Postal  Affairs 

Michelle  Fuller  (508)  628-4757 


PRODUCTION 

Vice  President,  Production 

Carolyn  Medeiros 

Production  Manager 

KimPennett 

Print  Display  Advertising 

(508)820-8232 
Fax  (508)  879-0446 


STRATEGIC  PROGRAMS 

AND  EVENTS 

Vice  President,  Business 

Development  John  Vulopas 

(508)271-8024 

Vice  President,  Strategic 

Programs  &  Events  Ann  Harris 

(508)820-8667 

Vice  President,  Event 

Marketing  and  Conference 

Programs  Derek  Hulitzky 

(508)620-7705 

Senior  Director,  Event 

Management  Michael  Meleedy 

(508)820-8529 

Senior  Director,  Executive 

Programs  Sandy  Weill 

(508)620-7758 


ONLINE  ADVERTISING 

Vice  President/Group  Associate 

Publisher  Sean  Weglage  (415)  978-3314 

Fax  (415)  543-8010 

Online  Sales  Directors 

James  Kalbach 

(610)971-1588 

Jennell  Hicks 
(415)978-3309 
Fax  (415)  543-8010 
Online  Sales  Managers 
Matthew  Wintringham 
(508)820-8218 
Fax  (508)270-3882 
Kristi  Nelson 
(415)978-3313 
Fax  (415)  543-8010 
Account  Services  Director 
Bill  Rigby  (508)  820-8111 
Fax  (508)270-3882 
Online  Sales  Assistant 
Joan  Olson  (508)  270-7112 
Fax  (508)  270-3882 


IT  CAREERS 

Senior  Sales  Operations  Manager 

Dawn  Cora  (508)  820-8133 
Fax  (508)626-8524 


LIST  RENTAL 
Postal  and  E-mail 

Rich  Green  (508)  370-0832 
rgreen@idglist.com 
Mailing  Address 

IDG  List  Services,  P.O.  Box  9151 
Framingham,  MA  01701-9151 
Fax  (508)370-0020 
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Customer  Service  (888)  559-7327  toll  free 

Local  or  outside  UiS.  (847)  559-1573 
E-mail:  cw@omeda.com 


■  FRANKLY  SPEAKING 

Frank  Haves 


No  Infinite  Beer 


IF  IT  SOUNDS  too  good  to  be  true,  it  probably  is  — 
especially  if  there’s  money  involved.  So  it  should  be 
no  surprise  that  last  week,  a  99-cent  iPhone  application 
that  promised  “infinite”  free  text  messaging  stopped 
working.  It  turns  out  that  texting  was  infinitely  free  only 
because  Google  was  paying  the  bill. 

And  Google  wasn’t  getting  any  money  from  the  deal. 


Not  from  users.  Not 
from  advertisers,  who 
provide  most  of  Google’s 
revenue.  Not  even  from 
sales  of  the  app,  called 
Infinite  SMS,  which  was 
developed  by  two  guys 
in  the  Seattle  area  calling 
themselves  Inner  Fence. 

Here’s  what  happened. 
In  December,  Google  an¬ 
nounced  an  experimental 
feature:  the  ability  to 
send  and  receive  SMS 
text  messages  for  free 
through  a  Gmail  client. 
Google  even  used  stan¬ 
dard  interfaces  so  other 
software  makers  could 
create  their  own  clients 
to  use  the  service. 

In  February,  Inner 
Fence  launched  its  Infi¬ 
nite  SMS  app  through  the 
iTunes  store.  The  idea 
was  pretty  simple:  A  user 
provides  the  log-in  infor¬ 
mation  for  a  Gmail  ac¬ 
count,  Infinite  SMS  logs 
into  Gmail  and  provides 
an  interface  for  texting, 
and  the  user  doesn’t  have 
to  pay  a  stiff  bill  for  send¬ 


ing  text  messages. 

Infinite  SMS  quickly 
became  very  popular. 
Google  noticed  —  prob¬ 
ably  the  first  time  it  got 
an  SMS  bill  after  Infinite 
SMS  went  on  sale. 

On  March  9  —  25 
days  after  Inner  Fence 
launched  its  Google  killer 
—  Google  informed  the 
company  that  it  would  be 
turning  off  the  free  SMS 
service  for  non-Google 
apps.  Two  days  later, 
Infinite  SMS  stopped 
working.  (The  free  SMS 
feature  still  works  with 
Google  Chat,  though.) 

It’s  tough  to  feel  bad 
for  anyone  involved 
here.  Google  offered  free 
beer  as  an  experimental 
feature;  it  had  the  right 
to  turn  off  the  tap.  Inner 

M  You  probably 
have  some  users 
who  depend  on 
even  kludgser 
arrangements 
than  Infinite  SMS. 


Fence  knew  its  promise 
of  infinite  beer  depended 
on  someone  else’s  lar¬ 
gess.  And  the  Infinite 
SMS  users  paid  99  cents 
for  all  the  beer  they  could 
drink  —  at  least  before 
the  tap  went  dry. 

They  really  should 
have  known  it  would. 

Here’s  a  more  impor¬ 
tant  issue:  You  probably 
have  some  users  who 
depend  on  even  kludgier 
arrangements  than  Infi¬ 
nite  SMS. 

Maybe  they  connect  to 
office  systems  from  home 
using  their  neighbor’s 
Wi-Fi  (perhaps  without 
even  realizing  that’s  what 
they’re  doing).  Maybe 
they’re  routing  all  their 
e-mail  through  Gmail, 
which  went  down  again 
last  week  for  some  users. 
Maybe  they  lean  heavily 
on  instant  messaging  or 
Twitter  or  some  other 
free  service  that  could  go 
away  without  warning. 

And  maybe  you’ve 
encouraged  them  to  do 


just  that.  In  these  days  of 
free  services  and  tight- 
as-a-drum  IT  budgets, 
it’s  tempting  to  tell  users 
to  go  with  freebies  as  an 
alternative  to  your  IT 
shop’s  officially  sanc¬ 
tioned  technology. 

That  may  even  be  a 
good  thing  —  if  you’ve 
given  the  freebie  a  care¬ 
ful  vetting,  and  if  there’s 
nothing  mission-critical 
depending  on  it,  and  if 
security  and  confidential 
data  aren’t  at  risk.  (Even 
then,  Wi-Fi  unintention¬ 
ally  provided  by  a  neigh¬ 
bor  is  likely  a  bad  idea.) 

But  even  if  a  freebie 
is  safe  and  usable,  it’s 
still  worth  remembering 

—  and  reminding  users 

—  that  you’re  likely  to  get 
what  you  pay  for.  There’s 
no  uptime  requirement 
for  free  services,  no 
service-level  agreement. 
They  could  go  down 
without  warning,  wheth¬ 
er  as  a  result  of  technical 
issues,  financial  problems 
or  some  flaw  in  the  busi¬ 
ness  plan. 

And  it’s  probably  worth 
remembering  that  no 
matter  how  infinite  the 
promise  of  technology 
may  be,  somebody  some¬ 
how  has  to  pay  the  bill. 

Otherwise,  it  is  too 
good  to  be  true.  ■ 

Frank  Hayes  is  Computer- 
world’s  senior  news 
columnist.  Contact  him 
at  frank_hayes@ 
computerworld.com. 
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The  faster,  lighter  PC  protection 


Protecting  computers  is  no  longer  about  keeping  them  safe  from  infiltration 
by  viruses.  Loss  or  corruption  of  confidential  data  or  sensitive  client 
information  can  spell  disasterfor  any  business. 

Our  award-winning  ESET  NOD32®  Antivirus  provides  your  computers 
with  advanced  protection  utilizing  our  unique  ThreatSense*  technology. 
Engineered  to  disarm  threats  before  they  strike,  it  maintains  high 
performance  levels,  while  being  easy  on  your  system  resources. 

With  management  toois  that  scale  to  support  large  or  small  business 
networks,  ESET  NOD32  Antivirus  protects  your  network  and  your  reputation. 

Protects  against  malware 
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Easy  deployment  and  administration 
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1,200,000 

TRANSACTIONS  PER  MINUTE. 

DONE. 

Introducing  the  world’s  fastest  x86-64  server.  The  IBM  System  x3950  M2  with  eX4  technology, 
Intel®  Xeon®  7400  series  processors  and  IBM  DB2®  has  set  a  new  performance  record.  IBM 
has  built  the  first  x86-64  system  to  break  the  one-million-transactions-per-minute  barrier: 
It’s  a  new  standard  in  performance  that  improves  efficiency  and  can  help  save  money  in 
transaction  and  database  processing.  Find  out  how  it  can  help  you  keep  pace  in  a  faster 
world  at  ibm.com/systems/fastest  STOP  TALKING  START  DOING™ 
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